You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Upload plugin validates files based on their actual MIME type rather than the declared file extension.
334
-
Only files matching the defined security rules are uploaded; others are filtered out.
334
+
Only files matching the defined security rules are uploaded.
335
335
336
336
The `security` configuration provides 2 options: `allowedTypes` or `deniedTypes`, which let you control which file types can or cannot be uploaded.
337
337
338
338
:::note
339
-
It's best to define either `allowedTypes`or`deniedTypes`, not both, to avoid conflicts in file validation logic.
339
+
You can use `allowedTypes`and`deniedTypes` separately or together to fine-tune which files are accepted. Files must match an allowed type and must not match any denied type. If you use a wildcard like `*`in `allowedTypes`, you can narrow down the validation by specifying exceptions in `deniedTypes`.
340
340
:::
341
341
342
-
You can provide them by creating or editing [the `/config/plugins` file](/cms/configurations/plugins). The following example sets the `allowedTypes`filter:
342
+
You can provide them by creating or editing [the `/config/plugins` file](/cms/configurations/plugins). The following is an example of how to combine `allowedTypes`and `deniedTypes`:
0 commit comments