Legend

Question

CF9 cffile upload and mimetypes

Forum|Forum|13 years ago
December 28, 2012
1 reply
1110 views

Hello, everyone.

According to the CFML Ref for CFFILE/UPLOAD, "The browser uses the file extension to determine file type."

We all know that this isn't the most secure way of determining a file mimetype. Has anyone discovered or invented a way to have CF Server actually look at the code of the file being uploaded to determine the mimetype?

Thanks,

^_^

This topic has been closed for replies.

Carl Von Stetten

Legend

This doesn't help you with CF9, but CF10 does examine file headers to confirm mimetype.

-Carl V.

WolfShadeAuthor

Legend

I'm hoping that someone wrote a CFC/UDF that will do the same thing in CF9.

Haven't found it, yet.

Thank you,

^_^

Tim Cunningham

Participating Frequently

Did you check riaforge.org?

They have a function called Magic Mime: http://magicmime.riaforge.org/

Similar to how Linux/Unix check the contents of a file to determine their type, instead of using the file extension, this CF function performs a similar task.

Simple CFFUNCTION that returns a structure detailing the filetype/mimetype etc.

Currently supports:-

Adobe PDF Document

Microsoft Office Open XML Format Document

Microsoft Office Open XML Format Spreadsheet

Microsoft Office Open XML Format Presentation

Microsoft Office Word 97-2003 Document

Microsoft Office Excel 97-2003 Document

Microsoft Office Powerpoint 97-2003 Document

Graphics interchange format Image

Portable Network Graphics Image

JPEG Image

HTML (Experimental)

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded