Upload MIME type restriction (instance security hardening)
Use the glide.security.file.mime_type.validation property to turn MIME type checking for file attachment uploads on or off. Set the property to true to enable validation, or to false to disable it.
Prerequisites
Before setting this property, set the glide.attachment.extensions property. Only those extensions specified in glide.attachment.extensions are checked for MIME type during upload. To learn more, see Restrict file extensions.
More information
| Attribute | Description |
|---|---|
| Property name | glide.security.file.mime_type.validation |
| Configuration type | System Properties (/sys_properties_list.do) |
| Configure in Instance Security Center | Yes |
| Purpose | To enforce checking of MIME type / magic bytes during file uploads. |
| Recommended value | true |
| Functional Impact | This remediation enables MIME type verification of attachments uploaded to the application. There is no functional impact unless a file is uploaded with malicious intent, because the validation only checks for a mismatch between the MIME type and the file data. |
| Security risk | (Medium) To reduce vulnerabilities such as file inclusion and malicious file uploads, MIME type verification should be enabled. |
| References | Administering attachments |
See Instance Security Hardening Settings for details on configuring properties for hardening.
To learn more about adding or creating a system property, see Add a system property.
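
The kind of mismatch this validation looks for, shown as an added example and not ServiceNow's implementation: the sketch compares a file's leading magic bytes with its extension, and only for extensions on a list modeled after glide.attachment.extensions. The comma-separated list format, the signature table, the function names and the sample files are assumptions made for the illustration.

```javascript
// Added illustration, not ServiceNow code. The signature table, function
// names and sample bytes are constructed for this example.
const SIGNATURES = {
  pdf: [[0x25, 0x50, 0x44, 0x46]],                          // "%PDF"
  png: [[0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a]],
  jpg: [[0xff, 0xd8, 0xff]],
  gif: [[0x47, 0x49, 0x46, 0x38, 0x37, 0x61],               // "GIF87a"
        [0x47, 0x49, 0x46, 0x38, 0x39, 0x61]],              // "GIF89a"
};

// Parse a comma-separated extension list such as "pdf, PNG,jpg" (assumed format).
function parseExtensionList(value) {
  return new Set(value.split(',').map((s) => s.trim().toLowerCase()).filter(Boolean));
}

function hasPrefix(bytes, sig) {
  return bytes.length >= sig.length && sig.every((b, i) => bytes[i] === b);
}

// Returns { checked, ok, reason }. `checked` is false when the content check does
// not apply: the extension is not listed, or this sketch has no signature for it.
function checkUpload(fileName, bytes, extensionList) {
  const dot = fileName.lastIndexOf('.');
  const ext = dot >= 0 ? fileName.slice(dot + 1).toLowerCase() : '';
  if (!extensionList.has(ext)) {
    return { checked: false, ok: null, reason: 'extension not in list' };
  }
  const sigs = SIGNATURES[ext];
  if (!sigs) {
    return { checked: false, ok: null, reason: 'no signature in this sketch' };
  }
  const ok = sigs.some((sig) => hasPrefix(bytes, sig));
  return { checked: true, ok, reason: ok ? 'content matches extension' : 'content does not match extension' };
}

// Constructed sample uploads checked against a constructed extension list.
const listed = parseExtensionList('pdf, PNG,jpg');
const samples = [
  ['scan.png', Uint8Array.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0x00])],
  ['photo.png', Buffer.from('<html><body>not an image</body></html>')], // wrong content
  ['invoice.PDF', Buffer.from('%PDF-1.7\n')],
  ['anim.gif', Buffer.from('GIF89a')],            // gif is not in the list above
  ['short.jpg', Uint8Array.from([0xff, 0xd8])],   // truncated header
];
for (const [name, bytes] of samples) {
  console.log(name, JSON.stringify(checkUpload(name, bytes, listed)));
}
```

The `anim.gif` sample is well formed but is reported as not checked, which mirrors the prerequisite: an extension missing from the list never reaches the content check.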