Asked  7 Months ago    Answers:  5   Viewed   47 times

I'm trying to decide which mime type to choose for returning mp3 data (served up by php)

according to this listing of mime types: http://www.webmaster-toolkit.com/mime-types.shtml

.mp3    audio/mpeg3
.mp3    audio/x-mpeg-3
.mp3    video/mpeg
.mp3    video/x-mpeg

What are the difference between these, and which should I use?

 Answers

78

Your best bet would be using the RFC defined mime-type audio/mpeg.

Wednesday, March 31, 2021
 
coolguy
answered 7 Months ago
19

If your using Apache .htaccess can be used to map mime types.

moreinfo Here is IANA's List of MIME TYPES

Wednesday, March 31, 2021
 
Null
answered 7 Months ago
10

Never trust the mime type, this can be easily spoofed by the client. They could submit an exe and give it a mime type of text/plain if they wanted to.

All zip files begin with a standard local file header signature (0x04034b50) so you could check that the first 4 bytes of the file match the zip signature bytes. See the PKZIP Appnote for more details.

If you have the zip extension enabled, you can go even further and attempt to open and read the zip to make sure it is a fully valid zip file.

Something like this works well:

$zip = zip_open('/path/to/file.zip');
if (is_int($zip)) {
    echo "Error $zip encountered reading the file, is it a valid zip?";
} else {
    echo "Thanks for uploading a valid zip file!";
}

zip_open returns a resource if opened successfully, otherwise an integer representing the error that occurred reading the file.

EDIT: To elaborate on some of your questions:

About application/octet-stream: This is as you said, a very generic type. This just means any file that contains 8-bit data which is basically everything and anything. application/zip is the de-facto standard mime-type, but some clients will use other values as you have discovered. Also given the fact that a client can easily spoof any file type to use application/zip I wouldn't rely on $_FILES['fileatt']['type'] since it can be anything.

AFIK, mime_content_type() simply looks at the file extension and maps it to a mime type from a mime.types file on the system or built into PHP. If someone put a .zip extension on an exe file it would still register as application/zip. I beleive certain extensions may examine the file header.

Zip::open() returns TRUE if the file was opened successfully, or an integer error code. Therefore, == will give you a false positive on an error because any non-zero integer will evaluate to true using == since it will cast a non-zero integer to TRUE. If you are going to check the return from Zip::open you should always use $res === true in order to check for success. You can find the meanings of the error codes here in the comment at the bottom of the page.

Bottom Line: Since you said you are already extracting the zip, it may be less of a bother to validate based on the mime type, but instead it would be easier to just attempt to open the file and go based on the return value of open. If it returns true, you can figure the file is a valid zip (there could of course be errors later in the file, but they at least uploaded something resembling a zip file).

Hope that helps you out.

Saturday, May 29, 2021
 
BradM
answered 5 Months ago
79

According to this XML file from the (defunct?) GNOME RAW Thumbnailer project, the MIME type for raw images in general is image/x-dcraw. Listed by their file extensions, here are the other file types mentioned in that file:

  • ARW: image/x-sony-arw
  • CR2: image/x-canon-cr2
  • CRW: image/x-canon-crw
  • DCR: image/x-kodak-dcr
  • DNG: image/x-adobe-dng
  • ERF: image/x-epson-erf
  • K25: image/x-kodak-k25
  • KDC: image/x-kodak-kdc
  • MRW: image/x-minolta-mrw
  • NEF: image/x-nikon-nef
  • ORF: image/x-olympus-orf
  • PEF: image/x-pentax-pef
  • RAF: image/x-fuji-raf
  • RAW: image/x-panasonic-raw
  • SR2: image/x-sony-sr2
  • SRF: image/x-sony-srf
  • X3F: image/x-sigma-x3f
Saturday, October 9, 2021
 
ssk
answered 2 Weeks ago
ssk
13

XHTML 5 is not a standard. XHTML 2 does prescribe a new doctype, though XHTML 2 is not supported by any modern browsers (as it is largely unfinished).

HTML5Doctor recommends that if targeting an "XHTML5" approach, simply use the HTML5 doctype, which makes sense. The HTML5 doctype is compatible with IE7/8.

http://html5doctor.com/html-5-xml-xhtml-5/

Remember, to use HTML5 (properly) in IE <9, you need to include the HTML 5 shiv.

http://ejohn.org/blog/html5-shiv/

Also, in terms of a MIME type for XHTML5, you MUST serve the content with application/xhtml+xml or application/xml, which older version of IE will NOT support. Thus, if you're trying to take a purist approach, you CANNOT have IE 6/7 support.

Wednesday, October 20, 2021
 
JoJo
answered 5 Days ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :