Prevent the file from being uploaded if the mimeType is invalid #937

predaytor · 2022-08-14T19:08:50Z

predaytor
Aug 14, 2022

Сurrently, regardless of the configuration, the data is loaded to the disk, even after displaying an invalid mimeType error.

upload: {
    staticURL: '/uploads',

    staticDir: path.resolve(__dirname, '../../uploads'),

    mimeTypes: ['image/*'],
}

denolfe · 2022-08-15T13:28:28Z

denolfe
Aug 15, 2022
Maintainer

Thank you for the report @predaytor . I was able to recreate this - moving to an issue. #940

0 replies

Tommy1223454 · 2026-04-07T15:29:12Z

Tommy1223454
Apr 7, 2026

This is exactly why I prefer treating uploads as:

receive -> inspect -> then store/promote

instead of writing first and only then deciding whether the file should have been accepted.

I built an OSS package around that pattern in Node.js:
https://github.com/pompelmi/pompelmi

The goal is to keep the first trust decision inside the application path before persistence, so invalid or suspicious uploads don’t automatically become part of local storage / object storage just because the request reached the server.

0 replies

zubricks · 2026-04-09T15:32:09Z

zubricks
Apr 9, 2026
Collaborator

Resolved with #1212

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Prevent the file from being uploaded if the mimeType is invalid #937

Uh oh!

{{title}}

Uh oh!

Replies: 3 comments

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Prevent the file from being uploaded if the mimeType is invalid #937

Uh oh!

predaytor Aug 14, 2022

Replies: 3 comments

Uh oh!

Uh oh!

denolfe Aug 15, 2022 Maintainer

Uh oh!

Tommy1223454 Apr 7, 2026

Uh oh!

zubricks Apr 9, 2026 Collaborator

predaytor
Aug 14, 2022

denolfe
Aug 15, 2022
Maintainer

Tommy1223454
Apr 7, 2026

zubricks
Apr 9, 2026
Collaborator