Validate application/octet-stream MIME type for JPG with PaperClip Gem

Asked Dec 22 '15 at 15:25

Active Dec 22 '15 at 15:25

Viewed 733 times

My Rails 4.2.5 app is receiving JPG uploads from a mobile app. However, the MIME Type in the headers is:

application/octet-stream

PaperClip 4.3.2 returns the following error:

[paperclip] Content Type Spoof: Filename 70221009989740.jpg (application/octet-stream from Headers, ...

I bypassed this issue using:

validate_media_type => false

and

do_not_validate_attachment_file_type

options.

However, this seems insecure. How can the media_type and file_type be correctly validated on MIME Type "application/octet-stream"?

asked Dec 22 '15 at 15:25

fnllc

maybe while sending data from your mobile application, you need to set correct headers for your data. – Sudipta Mondal Dec 22 '15 at 15:42
How exactly are you uploading these images? AJAX, form submission, etc. – Joeman29 Dec 22 '15 at 16:05
I use the "Rho::AsyncHttp.upload_file" function from Rhomobile to send these pictures from the mobile app. The content_type is set to "application/octet-stream" there. I may have shot myself in the foot with this one. – fnllc Dec 22 '15 at 20:16

0 Answers0