Upload Widget File Type Validation

Hi All,

I am using an upload widget to have the users to upload attachments. Before uploading I have implemented the client side validation of file size and file type (comparing Mime Types). But in case, if users uploads a non permissible file type using an allowed extension like .xls or .pdf , then how to validate that uploaded file ?

I have already checked the file extensions or mime-types. Is there anything else I can check in server side validation before storing the binary data in database ?  

I have tried forge component also but it's doing the same validation. My intention is to have valid file content with proper file types.  

Hi Suprio,


In order to do this, you need to validate against the mime type of the file.

You can check in this list, the mapping between mime types and extension.


Cheers,

João

Hi Suprio, 

In this article you can see the types of validation you can do during the upload.

Doing this validation with the MIME types you want, I believe you will get a good solution.


Regards.

Hi Suprio,

You can use this forge component to check file validation  (Type and Size)

https://www.outsystems.com/forge/component-overview/6073/dynamic-file-validation 


Hope this will help you.

Regards

Rahul

João Marques wrote:

Hi Suprio,


In order to do this, you need to validate against the mime type of the file.

You can check in this list, the mapping between mime types and extension.


Cheers,

João

 Hi Joao ,

As mentioned using JS I got the file type before uploading and then validating against all the permissible mime types in client side validation.

If the file passes through that mime type check , then only it allows to upload. 

Do I still need to validate the mime type in server side validation also ? Not sure if anything else I can do that's why looking for if any other way is there to validate .

 

Suprio Roy wrote:

João Marques wrote:

Hi Suprio,


In order to do this, you need to validate against the mime type of the file.

You can check in this list, the mapping between mime types and extension.


Cheers,

João

 Hi Joao ,

As mentioned using JS I got the file type before uploading and then validating against all the permissible mime types in client side validation.

If the file passes through that mime type check , then only it allows to upload. 

Do I still need to validate the mime type in server side validation also ? Not sure if anything else I can do that's why looking for if any other way is there to validate .

 


Hi Suprio,


Usually it is a good practice to do server side validations as the client side can be tampered.

But it would be the same check, yes!


Cheers,

João

Suprio,

If you want to get the extension in server side try this component:

https://www.outsystems.com/forge/component-overview/7202/file-type-file-extension


However, as everybody said, it would be the same validation.


The only advantage doing this server side is that you are ensuring that the values were not changed in client side just to fool your client side validation.