From f63066b9094e65768572a7d6f70e18174564dd64 Mon Sep 17 00:00:00 2001 From: hinakhadim Date: Fri, 19 Jan 2024 18:36:39 +0500 Subject: [PATCH 1/2] fix: file upload issue valid filetypes --- cms/djangoapps/contentstore/views/assets.py | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/cms/djangoapps/contentstore/views/assets.py b/cms/djangoapps/contentstore/views/assets.py index a06c07b4f2f..daf47b0b3b1 100644 --- a/cms/djangoapps/contentstore/views/assets.py +++ b/cms/djangoapps/contentstore/views/assets.py @@ -4,7 +4,6 @@ import json import logging import math -import mimetypes import re from functools import partial from urllib.parse import urljoin @@ -46,8 +45,7 @@ } -mimetypes.init() -all_mimetypes = list(mimetypes.types_map.values()) + ['text/javascript', 'text/php'] +allowed_mimetypes = settings.ALLOWED_FILE_TYPES @login_required @@ -461,7 +459,7 @@ def _get_sanitized_filename(filename): def _validate_mimetype(file_content_type): - if file_content_type in all_mimetypes: return file_content_type + if file_content_type in allowed_mimetypes: return file_content_type raise InvalidFileTypeException('{} of filetype is not supported'.format(file_content_type)) From 596ef7c56f0bad05f647bfa738dfc7ab88279b36 Mon Sep 17 00:00:00 2001 From: hinakhadim Date: Mon, 22 Jan 2024 10:51:19 +0500 Subject: [PATCH 2/2] fix: add ALLOWED_FILE_TYPES in studio environment --- cms/envs/common.py | 1 + 1 file changed, 1 insertion(+) diff --git a/cms/envs/common.py b/cms/envs/common.py index a9ea495b084..54748af34b2 100644 --- a/cms/envs/common.py +++ b/cms/envs/common.py @@ -2714,3 +2714,4 @@ DISCUSSIONS_INCONTEXT_FEEDBACK_URL = '' DISCUSSIONS_INCONTEXT_LEARNMORE_URL = '' +ALLOWED_FILE_TYPES = ['image/png', 'image/jpeg', 'application/pdf', 'application/msword', 'video/mp4'] \ No newline at end of file