html - Limit file format when using <input type="file">? -


i'd restrict type of file can chosen native os file chooser when user clicks browse button in <input type="file"> element in html. have feeling it's impossible, i'd know if there is solution. i'd keep solely html , javascript; no flash please.

strictly speaking, answer no. developer cannot prevent user choosing files of type or extension in native os file select dialog box.

but still, accept attribute of <input type = "file"> can provide filter in file select dialog box of os. example,

<!-- (ie 10+, edge, chrome, firefox 42+) -->  <input type="file" accept=".xls,.xlsx" />

should provide way filter out files other .xls or .xlsx. although mdn page input element said supports this, surprise, didn't work me in firefox until version 42. works in ie 10+, edge, , chrome.

so, supporting firefox older 42 along ie 10+, edge, , chrome, guess it's better use comma-separated list of mime-types:

<!-- (ie 10+, edge, chrome, firefox) -->  <input type="file"   accept="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet,application/vnd.ms-excel" />

edge behavior: file type filter dropdown shows file types mentioned here, not default in dropdown. default filter all files (*).

w3c recommends authors specify both mime-types , corresponding extensions in accept attribute. so, best approach is:

<!-- right approach: use both file extensions , corresponding mime-types. -->  <!-- (ie 10+, edge, chrome, firefox) -->  <input type="file"   accept=".xls,.xlsx, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet,application/vnd.ms-excel" />

jsfiddle of same: here.

reference: list of mime-types

important: using accept attribute provides way of filtering out files of types not of interest. browsers still allow users choose files of type. additional (client-side) checks should done (using javascript, 1 way this), , file types must verified on server, using combination of mime-type using both file extension , binary signature (asp.net, php, ruby, java). might want refer these tables file types , magic numbers, perform more robust server-side verification.

here three good reads on file-uploads , security.

edit: may file type verification using binary signature can done on client side using javascript (rather looking @ extension) using html5 file api, still, file must verified on server, because malicious user still able upload files making custom http request.


Comments

Post a Comment

Popular posts from this blog

asp.net - repeatedly call AddImageUrl(url) to assemble pdf document -

i'm using abcpdf , i'm curious if can recursively call addimageurl() function assemble pdf document compile multiple urls? something like: int pagecount = 0; int theid = thedoc.addimageurl("http://stackoverflow.com/search?q=abcpdf+footer+page+x+out+of+", true, 0, true); //assemble document while (thedoc.chainable(theid)) { thedoc.page = thedoc.addpage(); theid = thedoc.addimagetochain(theid); } pagecount = thedoc.pagecount; console.writeline("1 document page count:" + pagecount); //flatten document (int = 1; <= pagecount; i++) { thedoc.pagenumber = i; thedoc.flatten(); } //now try again theid = thedoc.addimageurl("http://stackoverflow.com/questions/1980890/pdf-report-generation", true, 0, true); //assemble document while (thedoc.chainable(theid)) { thedoc.page = thedoc.addpage(); theid = thedoc.addimagetoc
Read more

java - Android recognize cell phone with keyboard or not? -

in android app, want detect user's device if device has keyboard(like motorola milestone) , show corresponding user interface. guys know how that? ! regards justicepenny http://developer.android.com/reference/android/content/res/configuration.html public int keyboard the kind of keyboard attached device. 1 of: keyboard_nokeys, keyboard_qwerty, keyboard_12key. that's it!
Read more

iphone - How would you achieve a LED Scrolling effect? -

how achieve led scrolling effect example below? led sign - led ticker emulator iphone , ipad http://img.skitch.com/20101201-rsfh4p1bajb1wp94k466pdpiuj.preview.jpg sometimes remunerates comment in other posts :) have put code you, should implement font '8pin matrix' realistic feeling. uilabel *label; - (void)viewdidload { [super viewdidload]; label = [[uilabel alloc]initwithframe:cgrectmake(10, 50, 300, 20)]; label.font = [uifont fontwithname:@"courier-bold" size:16.0]; label.backgroundcolor = [uicolor blackcolor]; label.textcolor = [uicolor greencolor]; label.linebreakmode = uilinebreakmodecharacterwrap; // otherwise "…" label.text = @"this led text scrolled "; // blanks space between [self.view addsubview:label]; [nstimer scheduledtimerwithtimeinterval:0.12f target:self selector:@selector(scrolllabel) use
Read more