Which version of ExtFile are you using? Which OS? ExtFile has some
strange hacks to guess the extension it should use. If it is unable to
determine the content type from the upload, it would set in to
"application/octet-stream" (which is OK so far), and then pass this
wrong finding to guess_extension function of mimetypes module chances
are that it will return .obj as extension. Whatever. But then ExtFile
does the following:
mime_ext = guess_extension(content_type or self.content_type)
if mime_ext is not None:
if mime_ext in ('.jpeg', '.jpe'):
mime_ext = '.jpg' # for IE/Win :-(
if mime_ext in ('.obj',):
mime_ext = '.exe' # b/w compatibility
if REPOSITORY_EXTENSIONS == MIMETYPE_APPEND:
id_name = id_name + id_ext
id_ext = mime_ext
well. I would really like to know what does this "b/w" mean in this
context? Not black&white for sure :-). The good news is that you can
simply change this .exe into whatever you like, the name of the
repository file really doesn't matter and I agree .exe is a scary
choice, especially if you are using one very popular operating system.
P.S. Looks like a warm/backdoor actually ;-) heh, Gregor? ;)
Palermo, Tom wrote:
I am working on a project using ExtFile. Lately, when uploading MS
Word files, they get uploaded to the file system as .exe files (eg.
test.doc becomes test.exe) and the content_type is set to
application/octet-stream instead of application/msword. Sometimes the
content_tpye is correct but the file extension is still set to .exe.
Does anyone know what could be causing this? Is there a config setting
in ExtFile that's doing this? Any ideas would be much appreciated.
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -