SilverLight
Top achievements
Rank 1
Rank 1
SilverLight
asked on 07 Jun 2012, 02:37 PM
how can i validate telerik radupload for mimeTypes -> mean Prevent Change Extension by users!
in both Client and Server sides!
my radupload is like this :
as you the `AllowedFileExtensions` is txt.
but i can change a zip file extension to txt and upload it.
how can i prevent this act?
there are many methods out there for Telerik RadUpload Validation Such As FileExtension-FileSize-Empty RadUpload.
but what about validating of real MiMeType?
there is a note in telerik web site :
RadUpload does not determine the mime-type using only the file extension. For example if you try to upload a text file that has the extension ".JPG", it is still uploaded with text/plain mime-type.
so why i can still upload a pciture (i zipped it and changed it's extention to txt) with readupload upper?
as you see i set
what is the problem?
i want to show a message to that user who change file extension(clietn and server side for learning)
thanks in advance
in both Client and Server sides!
my radupload is like this :
<telerik:RadUpload ID="RadUpload" runat="server" EnableEmbeddedSkins="False" Skin="BlackByMe" AllowedFileExtensions=".txt" AllowedMimeTypes="text/plain" ControlObjectsVisibility="ClearButtons" Width="325px"></telerik:RadUpload>as you the `AllowedFileExtensions` is txt.
but i can change a zip file extension to txt and upload it.
how can i prevent this act?
there are many methods out there for Telerik RadUpload Validation Such As FileExtension-FileSize-Empty RadUpload.
but what about validating of real MiMeType?
there is a note in telerik web site :
RadUpload does not determine the mime-type using only the file extension. For example if you try to upload a text file that has the extension ".JPG", it is still uploaded with text/plain mime-type.
so why i can still upload a pciture (i zipped it and changed it's extention to txt) with readupload upper?
as you see i set
AllowedMimeTypeswhat is the problem?
i want to show a message to that user who change file extension(clietn and server side for learning)
thanks in advance
1 Answer, 1 is accepted
0
Accepted
Kevin
Top achievements
Rank 2
Rank 2
answered on 08 Jun 2012, 12:21 PM
Hello SilverLight,
I believe on the client-side RadUpload would not be able to prevent a zip file with a txt extension from being uploaded because it matches the correct file name and you can't check a file's mime type in javascript. Only on the server-side would RadUpload perform the validation of the file with regards to the mime type and if it doesn't match "text/plain" it places it in the InvalidFiles collection.
Is that not what RadUpload is doing in your case? Is the file appearing in the UploadedFiles collection? If you, when you debug it what is the ContentType that it shows for the uploaded file?
I believe on the client-side RadUpload would not be able to prevent a zip file with a txt extension from being uploaded because it matches the correct file name and you can't check a file's mime type in javascript. Only on the server-side would RadUpload perform the validation of the file with regards to the mime type and if it doesn't match "text/plain" it places it in the InvalidFiles collection.
Is that not what RadUpload is doing in your case? Is the file appearing in the UploadedFiles collection? If you, when you debug it what is the ContentType that it shows for the uploaded file?