Reputation: 1283
Permit any file type to be uploaded in Media-Wiki?
I would like to enable all file uploads in Media-Wiki (aside from the ones which are explicitly blacklisted like .exe).
Environment
I am using a virtual-box Linux turnkey ova appliance (turnkey-mediawiki-16.0-buster-amd64) which comes with 16.0 preinstalled.
What I tried 1
I have modified the LocalSettings.php in several ways to get it working. I have had success uploading some files.
Problem is I have a file type (.drawio) which actually contains XML when opened in a text editor. When I upload these I get this error:
File extension ".drawio" does not match the detected MIME type of the file (application/xml).
I can upload the same file if I change the extension to .xml. But I want to force people to change file extensions just to get it to upload.
When they download these files the app looks for this extension and they will have to rename them every time. It will get annoying quickly.
What I tried 2
- I set
$wgFileUpload = On - I added
drawioandxmlboth to the list of$wgFileExtensions. - I made sure
application/xmlis an allowed mime-type in $wgTrustedMediaFormats. - I tried disabling mime-type validation by setting both
$wgCheckFileExtensionsand$wgStrictFileExtensionstofalse.
Context
This is for internal, non-public document wiki so I trust the folks using it and I am comfortable with disabling file extension validation and allowing all file types.
Any other thoughts on what I can try?
Upvotes: 1
Views: 687
Answers (2)
Reputation: 9377
Instead of totally disabling the mime-type verification (security risk), you could also add the missing mapping for file-extension .drawio and mime-type application/xml like described in similar question:
How to skip MIME type check for .OFT file extensions on MediaWiki
In your host-environment (Linux, Debian-based like Media-Wiki Turnkey images) you can modify the mime-types rules at /etc/mime.types, by adding the required mapping from mime-type to file-extension:
application/xml drawio
and add the path to this mime-type file in LocalSettings.php like:
$wgMimeTypeFile = "/etc/mime.types";
Then Media-Wiki will acknowledge the new file-type (mime-type matching file-extension) when verifying the received file and finally allow the upload.
Upvotes: 1
Related Questions
- Can't upload files in Mediawiki
- How to allow all file types for upload in php?
- Unable to upload some files to mediawiki
- mime file type validation on wiki
- PHP File Type Restrictions
- Wordpress plugin development - File upload: How to allow specified file types?
- Wordpress: Restrict file uploads by MIME type
- PHP upload MIME type restrictions
- File uploading certain MIME Types
- Upload any file type to Mediawiki