Validate file mime type in AttachmentCreator soap web service [New in Security Center 1.3 and updated in 1.5]
The glide.attachment.enforce_security_validation property determines whether Multipurpose internet Mail Extensions (MIME) files undergo validation.
Ensure that MIME-types are validated for attachments to prevent dangerous files from being uploaded on your instance using wrong file extensions.
Set the glide.attachment.enforce_security_validation system property to true. When set to true, files are uploaded with the correct file type extension.
More information
| Attribute | Description |
|---|---|
| Configuration name | glide.attachment.enforce_security_validation |
| Configuration type | System Properties (/sys_properties_list.do) |
| Data type | Boolean |
| Recommended value | true |
| Default value | true |
| Category | File and resources |
| Security risk |
|
| Dependencies and prerequisites | None |
| References | https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types/Common_types |
| Functional impact | Set this hardening setting to true to run mime-type and file extension validations on uploaded file attachments. No validations are run if this property is set to false. This property is set to true by default. |