platform/www/conf/mime.conf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

# Allowed uploadable file extensions and mimetypes are defined here.
# To extend this file it is recommended to create a mime.local.conf
# file. Mimetypes that should be downloadable and not be opened in the
# should be prefixed with a !

jpg     image/jpeg
jpeg    image/jpeg
gif     image/gif
png     image/png
ico     image/vnd.microsoft.icon

mp3     audio/mpeg
ogg     audio/ogg
wav     audio/wav
webm    video/webm
ogv     video/ogg
mp4     video/mp4
vtt     text/vtt

tgz     !application/octet-stream
tar     !application/x-gtar
gz      !application/octet-stream
bz2     !application/octet-stream
zip     !application/zip
rar     !application/rar
7z      !application/x-7z-compressed

pdf     application/pdf
ps      !application/postscript

rpm     !application/octet-stream
deb     !application/octet-stream

doc     !application/msword
xls     !application/msexcel
ppt     !application/mspowerpoint
rtf     !application/msword

docx    !application/vnd.openxmlformats-officedocument.wordprocessingml.document
xlsx    !application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
pptx    !application/vnd.openxmlformats-officedocument.presentationml.presentation

sxw     !application/soffice
sxc     !application/soffice
sxi     !application/soffice
sxd     !application/soffice

odc     !application/vnd.oasis.opendocument.chart
odf     !application/vnd.oasis.opendocument.formula
odg     !application/vnd.oasis.opendocument.graphics
odi     !application/vnd.oasis.opendocument.image
odp     !application/vnd.oasis.opendocument.presentation
ods     !application/vnd.oasis.opendocument.spreadsheet
odt     !application/vnd.oasis.opendocument.text

# You should enable HTML and Text uploads only for restricted Wikis.
# Spammers are known to upload spam pages through unprotected Wikis.
# Note: Enabling HTML opens Cross Site Scripting vulnerabilities
#       through JavaScript. Only enable this with trusted users. You
#       need to disable the iexssprotect option additionally to
#       adding the mime type here
#html    text/html
#htm     text/html
#txt     text/plain
#conf    text/plain
#xml     text/xml
#csv     text/csv

# Also flash may be able to execute arbitrary scripts in the website's
# context
#swf     application/x-shockwave-flash