quote:
Originally posted by WDZ
It is completely possible to fake a mime type when uploading a file, so I strongly recommend also checking the extension, especially if you're going to store the file on your web server in a publicly accessible location with its original filename.
I assume that browsers get their mime types from the registry. For example, if you browse to HKEY_CLASSES_ROOT\.jpg, you will see a value called "Content Type" set to "image/jpeg." If a certain type of file is not in the registry, a generic type like "application/octet-stream" or "text/plain" will be used.
Another possibility is that the browser reads the first few bytes of the file, looking for common headers, such as "GIF89a" for a gif image. I think I'll research this further...
Well, I tried it out.
I found out where Firefox got its mime-types from (C:\Documents and Settings\<username>\Application Data\Mozilla\Firefox\Profiles\<profile>\mimeTypes.rdf) and added an entry for .php:
code:
<RDF:Description RDF:about="urn:mimetype:image/png"
NC:value="image/png"
NC:editable="true"
NC:fileExtensions="php"
NC:description="PHP File">
<NC:handlerProp RDF:resource="urn:mimetype:handler:image/png"/>
</RDF:Description>
making Firefox think it's actually image/png. I created a PHP upload script which only made a check on the mime-type:
code:
if ($_FILES['file']['type'] == "image/png")
and tried uploading a .png, it worked fine. I created a .php and uploaded, and that uploaded fine too.
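The test described in this thread, as an added example that is not part of the original posts: the mime-type-only check next to a server-side check that ignores the browser-supplied type, allowlists the extension, inspects the file's bytes and generates its own filename. The names `naive_check()`, `check_upload()` and `sample()` and all sample data are hypothetical; the fileinfo extension is assumed to be enabled.

```php
<?php
// Added example (not from the thread). Function names and sample data are hypothetical.
const ALLOWED = ['png' => 'image/png']; // extension => type detected on the server

// The check from the post: trusts the Content-Type the browser sent.
function naive_check(array $file): bool
{
    return $file['type'] == 'image/png';
}

// Hardened check: ignores $file['type']; returns a server-generated filename.
function check_upload(array $file): string
{
    // Allowlist the extension of the client-supplied name.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        throw new RuntimeException("extension '$ext' not allowed");
    }
    // Detect the type from the file's bytes with fileinfo (libmagic).
    $detected = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($detected !== ALLOWED[$ext]) {
        throw new RuntimeException("content is $detected, not " . ALLOWED[$ext]);
    }
    // Never reuse the original filename on disk.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample inputs shaped like $_FILES entries (no real upload involved).
function sample(string $name, string $claimedType, string $bytes): array
{
    $tmp = tempnam(sys_get_temp_dir(), 'upl');
    file_put_contents($tmp, $bytes);
    return ['name' => $name, 'type' => $claimedType, 'tmp_name' => $tmp];
}

// Constructed PNG signature plus IHDR header (enough for type detection, not a full image).
$pngHeader = "\x89PNG\r\n\x1a\n\x00\x00\x00\x0dIHDR" . pack('NNC5', 1, 1, 8, 6, 0, 0, 0);
$samples = [
    sample('photo.png', 'image/png', $pngHeader),
    sample('page.php', 'image/png', "<?php echo 'hello';"), // type faked as in the post
    sample('page.png', 'image/png', "<?php echo 'hello';"), // renamed, content still PHP
];
foreach ($samples as $f) {
    try {
        $result = 'stored as ' . check_upload($f);
    } catch (RuntimeException $e) {
        $result = 'rejected: ' . $e->getMessage();
    }
    printf("%-10s naive=%s hardened=%s\n", $f['name'], naive_check($f) ? 'accept' : 'reject', $result);
    unlink($f['tmp_name']);
}
```

In a real handler, pass the `$_FILES` entry to the check and store the file with `move_uploaded_file()` under the returned name. Magic bytes can be placed at the start of any file, so the content check complements the extension allowlist and generated filename and does not replace them.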