ASP.NET, C#, IIS, MIME TYPES, FILE UPLOAD CONDITIONAL
15,088
Solution 1
See this answer, which points you to this page.
DOCX Mime Type:
application/vnd.openxmlformats-officedocument.wordprocessingml.document
EDIT: Sorry, didn't see it in the list. If you want to allow DOCX, why not just check for ".docx" as the extension.
|| FileUpload1.PostedFile.FileName.ToLower().Substring(FileUpload1.PostedFile.FileName.Length - 4) == "docx"
Solution 2
You should be reading the extension, not checking mime types. MIME types are set by the browser and could be different between computers. This is not their purpose.
Also, regardless of what background you come from, if you have an if statement like that, you should feel at least the slightest bit of shame.
string[] acceptedExtensions = new string[] { ".docx", ".doc", ".txt", ".etc" };
// snip
if(acceptedExtensions.Contains(Path.GetExtension(FileUpload1.PostedFile.Filename)))
{
AcceptFile(FileUpload1.PostedFile);
}
Author by
Chris Newton
Updated on August 11, 2022Comments
-
Chris Newton over 1 year
I have a file upload web-form on the website and it needs to only accept certain formats (or MIME types)...
The following code is working PERFECTLY, EXCEPT, it does not upload .DOCX files to the server ! That is the only file type that does not work... I have double checked every line of code and have even gotten into the IIS manager to ensure .DOCX MIME types were inherited, and they were...
Does anyone have any idea why .DOCX files will not upload to the server like every other filetype does?
Snippet of code:
string savePath = "D:\\HIDDEN PATH HERE"; string fileMsg; // Before attempting to perform operations // on the file, verify that the FileUpload // control contains a file. if (FileUpload1.HasFile) { // Check to see that the content type is proper and allowed. // DOC: application/doc, appl/text, application/vnd.msword, application/vnd.ms-word, application/winword, application/word, application/x-msw6, application/x-msword if ( FileUpload1.PostedFile.ContentType == "text/rtf" || FileUpload1.PostedFile.ContentType == "application/doc" || FileUpload1.PostedFile.ContentType == "appl/text" || FileUpload1.PostedFile.ContentType == "application/vnd.msword" || FileUpload1.PostedFile.ContentType == "application/vnd.ms-word" || FileUpload1.PostedFile.ContentType == "application/winword" || FileUpload1.PostedFile.ContentType == "application/word" || FileUpload1.PostedFile.ContentType == "application/msword" || FileUpload1.PostedFile.ContentType == "application/x-msw6" || FileUpload1.PostedFile.ContentType == "application/x-msword" || FileUpload1.PostedFile.ContentType == "application/pdf" || FileUpload1.PostedFile.ContentType == "application/x-pdf" || FileUpload1.PostedFile.ContentType == "application/vnd.openxmlformats-officedocument.wordprocessingml.document" || FileUpload1.PostedFile.ContentType == "application/vnd.openxmlformats-officedocument.wordprocessingml.template" ) { // Get the name of the file to upload. String fileName = FileUpload1.FileName; // Append the name of the file to upload to the path. savePath += strnow + fileName; // Call the SaveAs method to save the // uploaded file to the specified path. // This example does not perform all // the necessary error checking. // If a file with the same name // already exists in the specified path, // the uploaded file overwrites it. FileUpload1.SaveAs(savePath); // Notify the user of the name of the file // was saved under. //fileMsg = "Your file was saved as " + fileName; fileMsg = ""; } else { fileMsg = "Your file was not an accepted format. Please use PDF, RTF or DOC formats."; }-
dougajmcdonald over 12 yearsOnly thing I can think of is perhaps IIS doesn't have a mime type configured for DOCX (not that it should really need it for upload, but perhaps it has a bearing), have you checked that there is one setup for the extension?
-
Grant Thomas over 12 yearsCheck out Fiddler, this might help you determine exactly what MIME string is being pushed up the wire (although I think it should be
application/msword(which you have.)) -
Town over 12 yearsWhat is the value of
FileUpload1.PostedFile.ContentTypewhen you upload the .docx? Or doesn't it get that far? -
James Johnson over 12 yearsAre you also trying to solve the overwrite issue? -
Chris over 12 years@Mr. Disappointment: I believe that for docx it should be
application/vnd.openxmlformats-officedocument.wordprocessingml.documentbut he does also have that - I just thought you might want to know. :) -
Chris Newton over 12 yearsHello all, thank you for your help. The code you see above accepts WORD (.DOC), .PDFS, and everything else listed there, EXCEPT .DOCX... Still not sure what is going on...
-
Chris Newton over 12 yearsI CHOSE TO JUST READ THE EXTENSION... even though I do not think it is the most secure way
-
Chris over 12 years@Chris Newton: The mime type isn't that secure either since anybody with some knowledge of HTTP or a copy of fiddler could change what the mime type is. Only really surefire way to identify what the file is is to look at the file itself though this is usually overkill...
-
Paul Zahra about 11 years.docx is essentially a zip, and so is identified as such with regards to a files MIME Type
-
-
Icarus over 12 yearsHe's already handling that case. Look at his code (OR conditions). -
Chris Newton over 12 yearsHello all, thank you for your help. The code you see above accepts WORD (.DOC), .PDFS, and everything else listed there, EXCEPT .DOCX... Still not sure what is going on..
-
Chris Newton over 12 yearsI CHOSE TO JUST READ THE EXTENSION... even though I do not think it is the most secure way.
-
Kir almost 12 yearsReading the extension is the right way to go, Chris. Mime types are not reliable for this, as the OP discovered.
-
Robert almost 9 yearsold post, but how about a hypothetical: what if I change the extension locally of my .exe or .zip file to .doc? Going to have to agree with Chris's hesitation on this one.
