Validate file mime type in AttachmentCreator soap web service [New in Security Center 1.3 and updated in 1.5]

Australia Platform security

Release

australia

ft:locale

pt-BR

ft:publication_title

Australia Platform security

ft:clusterId

psec

bundleId

psec

workflow

Platform

Validate file mime type in AttachmentCreator soap web service [New in Security Center 1.3 and updated in 1.5]

Versão de lançamento: Australia

Atualizado 12 de mar. de 2026

1 min. de leitura

The glide.attachment.enforce_security_validation property determines whether Multipurpose internet Mail Extensions (MIME) files undergo validation.

Ensure that MIME-types are validated for attachments to prevent dangerous files from being uploaded on your instance using wrong file extensions.

Set the glide.attachment.enforce_security_validation system property to true. When set to true, files are uploaded with the correct file type extension.

More information


Attribute	Description
Configuration name	glide.attachment.enforce_security_validation
Configuration type	System Properties (/sys_properties_list.do)
Data type	Boolean
Recommended value	true
Default value	true
Category	File and resources
Security risk	Severity score: 6.7 CVSS score: Medium Security risk details: If the property is set to false, there’s no validation for MIME files during uploads. This could enable malicious files to be disguised by changing their file extension.
Dependencies and prerequisites	None
References	https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types/Common_types
Functional impact	Set this hardening setting to true to run mime-type and file extension validations on uploaded file attachments. No validations are run if this property is set to false. This property is set to true by default.