On 26/08/06, Walter Vermeir walter@wikipedia.be wrote:
Currently when you upload a non-supported file format I have the very strong impression the check of the is allowed is done after the file is uploaded. That is annoying for the user and a waste resources to upload the file.
The pre-upload check couldn't determine that the user *was* passing a file which was, e.g. a GIF, a JPEG, a PNG...that has to happen through server-side MIME detection, which is done post-facto.
The most we could do is to check that the extension was on the allowed list; we'd still have to check *what* the user uploaded afterwards and make sure it was still allowed.
Rob Church