On 26/08/06, Walter Vermeir <walter(a)wikipedia.be> wrote:
Currently when you upload a non-supported file format
I have the very
strong impression the check of the is allowed is done after the file is
uploaded. That is annoying for the user and a waste resources to upload
the file.
The pre-upload check couldn't determine that the user *was* passing a
file which was, e.g. a GIF, a JPEG, a PNG...that has to happen through
server-side MIME detection, which is done post-facto.
The most we could do is to check that the extension was on the allowed
list; we'd still have to check *what* the user uploaded afterwards and
make sure it was still allowed.
Rob Church