# Allowed uploadable file extensions and mimetypes are defined here. # To extend this file it is recommended to create a mime.local.conf # file. Mimetypes that should be downloadable and not be opened in the # should be prefixed with a ! jpg image/jpeg jpeg image/jpeg gif image/gif png image/png ico image/vnd.microsoft.icon mp3 audio/mpeg ogg audio/ogg wav audio/wav webm video/webm ogv video/ogg mp4 video/mp4 tgz !application/octet-stream tar !application/x-gtar gz !application/octet-stream bz2 !application/octet-stream zip !application/zip rar !application/rar 7z !application/x-7z-compressed pdf application/pdf ps !application/postscript rpm !application/octet-stream deb !application/octet-stream doc !application/msword xls !application/msexcel ppt !application/mspowerpoint rtf !application/msword docx !application/vnd.openxmlformats-officedocument.wordprocessingml.document xlsx !application/vnd.openxmlformats-officedocument.spreadsheetml.sheet pptx !application/vnd.openxmlformats-officedocument.presentationml.presentation sxw !application/soffice sxc !application/soffice sxi !application/soffice sxd !application/soffice odc !application/vnd.oasis.opendocument.chart odf !application/vnd.oasis.opendocument.formula odg !application/vnd.oasis.opendocument.graphics odi !application/vnd.oasis.opendocument.image odp !application/vnd.oasis.opendocument.presentation ods !application/vnd.oasis.opendocument.spreadsheet odt !application/vnd.oasis.opendocument.text # You should enable HTML and Text uploads only for restricted Wikis. # Spammers are known to upload spam pages through unprotected Wikis. # Note: Enabling HTML opens Cross Site Scripting vulnerabilities # through JavaScript. Only enable this with trusted users. You # need to disable the iexssprotect option additionally to # adding the mime type here #html text/html #htm text/html #txt text/plain #conf text/plain #xml text/xml #csv text/csv # Also flash may be able to execute arbitrary scripts in the website's # context #swf application/x-shockwave-flash
