Secure File Upload – Restrict files uploaded via WFFM by Mime type and file size
At the beginning of the year I posted a blog on a secure way to validate uploaded files that goes beyond checking the file extension. I have since redeveloped it from the ground up to exist as a self-contained module which is now available on the Sitecore Marketplace for Sitecore 8 all the way back to 6.5;
Update: I have since released this as a Sitecore Marketplace Module for download. Improvements I have made and the full source code are available in this recent blog post
MIME Type Custom Form Validator
I was recently working on methods to validate files uploaded by End Users and the usual recommendation of checking the file extension didn’t sit right with me, even more so when I found out that the .NET API ultimately just checks the File extension as well.
So the product a mornings work I’ve written a decent method of checking those upload files are what they say they are. In this case I created a Custom Sitecore WFFM Field Validator but its simple enough to port the code to custom web forms. Hopefully another dev will find this suitable as an alternative method.