How to skip MIME type check for .OFT file extensions on MediaWiki

Question

On my private wiki, I have enabled the uploading of Microsoft Outlook 2016 Email Templates (.oft) using $wgFileExtensions. But when uploading an oft file, I'm faced with the error File extension ".oft" does not match the detected MIME type of the file (application/sla).

Is there a way to fix or overcome this? Or perhaps a way to skip MIME checks for oft files only? And if so, would you be able to help me with the necessary code please?

I'd also like Outlook to run when clicking on the file link. But that isn't as importing as fixing the error... Thanks for any help.

Answer 1

There's a quick way and a more secure way.

The easiest option would be to allow uploads where the MIME type doesn't match the extension. You can do this by adding the following in your LocalSettings.php (making sure no conflicting statement is on another line:

$wgStrictFileExtensions = "false";

Disabling $wgStrictFileExtensions is a serious security risk as stated in the Mediawiki documentation, so only do this if you trust all users with upload rights. It will give users a warning about the file type, but upload the file anyway. To not have MediaWiki check at all, outright disable $wgVerifyMimeType with:

$wgVerifyMimeType= "false";

A more proper way is to have MediaWiki know 'application/sla' is OK for .oft files. The default MIME-type database expects files with that extension to be ODF formula templates. You can change that by supplying MediaWiki with your own definition file for MIME types. In Linux, you might have - in Debian for example, it's /etc/mime.types. You can add the line

application/sla                oft

And make sure LocalSettings.php has $wgMimeTypeFile set to link to that file. In the Debian example:

$wgMimeTypeFile = "/etc/mime.types";

Answer 2

After reading further, I finally found a non-hacky solution to upload .oft:

1. If not already done, add .oft files to the list of supported extensions ( $wgFileExtensions)
2. In MediaWiki 1.34.2, edit /includes/libs/mime/mime.types and modify application/sla stl to application/sla stl oft. (As far as I know, this directory is changed for 1.35+)

That's it! Without lowering and amending security, I can now upload .oft files.

Hope this helps others struggling with this.