118 Posts
webchun
7 years ago
3
Topic

Hi, I'd like to allow user to upload file to my seblod website and basically I will allow images, movies, document and archive file. Because in the upload file field allows us to choose only one file type, so I choose 'Custom' for Legal Extension option, and I entered this : doc,pdf,ppt,xls,zip,DOC,PDF,PPT,XLS,ZIP,jpg,jpeg,png,gif,bmp,JPG,JPEG,PNG,GIF,BMP,mp3,wav,mp4,avi,mov

My question is, will the upload process be secured by seblod? I mean will it just an simple extension check or also MIME check when uploading file (if I choose 'Custom' for 'Legal Extension' setting).

Thank you

Get a Book for SEBLOD
4229 Posts
Kadministrator
7 years ago
2
Level 1

Files are scanned for illegal tags like php, but as far as I can tell there is no MIME check

118 Posts
webchun
7 years ago
1
Level 2

I see. Anyway, I'm just wondering. Isn't it better to have MIME check for uploading field? Especially when we allow users to upload files from frontend?

4229 Posts
Kadministrator
7 years ago
0
Level 3

I agree that MIME check would add some additional security, but unfortunatelly this is not implemented.

Get a VIP membership