1

file control with mime-type

view story
linux-howto

http://serverfault.com – I have a security question regarding the mime types. I have a website on which users can upload videos. Prior to encoding with ffmpeg, I make a mime-type check to be sure the video file is really a video file and not a weird file or even an exec with a video file extension. Nevertheless sometimes, mime-type aren't recognized, especially with mkv containers. Is it risky if I drop the mime-type checking, submitting directly the files to ffmpeg ? Would it potentially open a breach ? Or would ffmpeg simply return an error with any file that isn't a video ? (HowTos)

grtyyu's picture
Submitted by grtyyu on 01/18/2013

Stories similar to file control with mime-type

Wow, that was a quick answer, thx alot for that! Due to procrastination reasons, I'll reply equally fast Xyne wrote:@jakobThe '--prefer' option requires a MIME-type matcher. See 'mimeo --mimeman-help' for the syntax. You need to tell it exactly which MIME-types to preferentially associate with dwb.

I am new to Apache. I have almost no knowledge of apache. I am using apache 2.2.11. I have one css file and multiple .js files which i am uploading to a remote storage with a php page(PHP - 5.2.8). When i am using function mime_content_type to get the mime type of css.css file, i am getting text/plain. Same issue with .js files.

Not even sure how I found the reason: mime type of *.r files (plain text R scripts) got set to "application/x-extension-r". (by ~/.local/share/mime/packages/user-extension-r.xml) . I checked update logs but couldn't determine the origin of this file. Interestingly, that happened only on one of two similar installations with the same 64bit Fedora 11.

When I click a link in Firefox that leads to a file, the MIME type of the file seems to be read to determine which application is more suitable to open the file.

Occasionally servers send out wrong mime type and Firefox defaults to the text editor, without making any further attempts to identify the file type.

Chromium doesn't seem to have any obvious MIME-type configuration settings, which strikes me as a little broken. My specific problem is that there are a number of filetypes that Chromium plays in-browser that I'd rather either download or associate with whatever my system-default MIME-type would suggest.

Custom MIME-type for folders? 6 weeks 21 hours ago

It's one of those days where I think "What if..." and almost break my entire system in the process...Since I couldn't find any specific information about the usage of directories with MIME, I searched around and found the xml for the inode/directory type.<?xml version="1.0" encoding="utf-8"?><mime-type xmlns="http://www.freedesktop.org/standard

I have a new file type that I would like to handle in gnome.

Establishing a new mime type, a new thumbnailer and a new application to display the file type is done.

But I need a new tab on the file properties page. This tab is analogous to the tabs for exif information for jpg files or for encoding information for video codecs, that says how long the video is.

We have a VPS server that we host our websites on. I have written a CMS using CodeIgniter. On one of the interfaces, I am attempting to upload a css file to the system. This worked correctly when we had it hosted on shared hosting.

I edited my /usr/share/mime/packages/freedesktop.org.xml (with a text editor) to modify the file icon of application/x-7z-compressed mime type :

<mime-type type="application/x-7z-compressed"> <generic-icon name="package-x-generic"/>

I would like to know if there is a tool to edit this file (or to change the icon of a mime type) instead of using a text editor ?