shadiadiph Posted February 13, 2009 Share Posted February 13, 2009 Is there anywhere I can find a list of dangerous MIME types I have tried Yahoo and Google not much on there? Link to comment https://forums.phpfreaks.com/topic/145131-list-of-dangerous-mime-types/ Share on other sites More sharing options...
samshel Posted February 13, 2009 Share Posted February 13, 2009 dangerous ? Link to comment https://forums.phpfreaks.com/topic/145131-list-of-dangerous-mime-types/#findComment-761733 Share on other sites More sharing options...
shadiadiph Posted February 13, 2009 Author Share Posted February 13, 2009 potentially harmful known to be used for viruses or spybot Link to comment https://forums.phpfreaks.com/topic/145131-list-of-dangerous-mime-types/#findComment-761741 Share on other sites More sharing options...
shadiadiph Posted February 14, 2009 Author Share Posted February 14, 2009 Sorry let me be more specific potentially harmful mime-types that you really would not want someone to attach to an attachment file such as application/octet-stream application/x-msdownload application/x-spss Link to comment https://forums.phpfreaks.com/topic/145131-list-of-dangerous-mime-types/#findComment-761756 Share on other sites More sharing options...
corbin Posted February 14, 2009 Share Posted February 14, 2009 Not sure exactly what you're doing, but I generally follow 2 rules: 1. Never trust mime-types. They can be faked. Always go by file extensions, since they are usually what decides how a file gets handled (by Apache anyway, and on Windows... on linux it's a bit different) 2. Always white list if possible. It's easier to keep a list of what is allowed than maintain a list of what is not allowed. Link to comment https://forums.phpfreaks.com/topic/145131-list-of-dangerous-mime-types/#findComment-761797 Share on other sites More sharing options...
blueman378 Posted February 14, 2009 Share Posted February 14, 2009 what i might suggest is have a play with google mail to see what it will allow you to upload ect. Link to comment https://forums.phpfreaks.com/topic/145131-list-of-dangerous-mime-types/#findComment-761854 Share on other sites More sharing options...
shadiadiph Posted February 16, 2009 Author Share Posted February 16, 2009 ok thanks i will do Link to comment https://forums.phpfreaks.com/topic/145131-list-of-dangerous-mime-types/#findComment-763247 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.