File Access Control: Check Real MIME-Types


im trying to avoid uploads of executables. I’m using this regex: “/^application/(x-dosexec|octet-stream|x-msdownload||x-ms-dos-executable|x-msi)$/i”.

This works fine, as long as there is the right extension like “.exe”. Now I tried to rename the file extension to “.txt”, and it passes to rule.

It seems like the app is checking only the file extension, not the mime-type itself.

Is there any way to block upload for mime-types instead of blocking uploads of the extension?

Many thanks,

we ended up extending the file access control app using this patch: nextcloud-mime-type.patch

the problem of why the mime-type is not determined from file content lies deeper, as can be seen in this other patch which is intended to be only for reference: nextcloud-other-mime-type.patch