Blacklisting or whitelisting file types



I'm wondering if it's possible to blacklist or whitelist files types to upload to EPiServer?

I guess you can sort of whitelist files types by creating some content types and restrict the file types there?

Is there any way to blacklist a bunch of file types?

Sep 02, 2014 8:07

You can create event handlers that do (some logic) when new content is created, for example by sticking some tiny pieces of code in Global.asax.cs:

protected void Application_Start()
    IContentEvents events = ServiceLocator.Current.GetInstance();
    events.CreatingContent += MyEventHandler;

public static void MyEventHandler(object sender, ContentEventArgs e) {
    // Magic happens here

If you just inspect the event handler at runtime and see what can be done with the arguments, you'll probably get some idea of how to proceed :-)

(This sortof assumes you're using CMS 7/7.5, ref the ServiceLocator. If on CMS 6R2 or lower, you find the same events on DataFactory.Instance)

Edited, Sep 02, 2014 22:47

Thanks for your answer, Arve. It was very useful. I guess you can check what kind of contenttype which is created / published by inspecting the e parameter as you are saying. :-)

I also contacted EPiServer directly about this case. They answered something similar to you. They took an example by inspecting the mimetype of the uploaded image as so:

if (e.Content as ImageData != null)
    if (e.Content as ImageData).MimeType == "application/zip";
	e.CancelAction = true;

This is how it could be done. It's possible to inspect different properties related to what is uploaded here. Here you can also inspect the filename, filetype and lots of other metadata.

They also said that you could wire up to the event in an initializeable module.

Sep 03, 2014 15:52
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.