Checking the file extension is not a very strong way to determine the file type, because the file name is supplied by the client. A more robust solution is possible with the JMimeMagic library. JMimeMagic is a Java library (LGPL licence) that retrieves file and stream MIME types by checking magic headers.
The implementation below uses JMimeMagic to check the file's MIME type:
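/**
 * Detected-type string that the "virus files" branch of the check rejects.
 * NOTE(review): "???" looks like JMimeMagic's placeholder for a signature that has no
 * known MIME type rather than a malware verdict (confirm against the library's magic
 * definitions). Matching it does not replace antivirus scanning of uploads.
 */
private static final String VIRUS_FILE_MIME_TYPE = "???";
/** Subtype (text after the "/") treated as interchangeable with {@link #MSWORD_FILE_MIME_TYPE}. */
private static final String RTF_FILE_MIME_TYPE = "rtf";
/** Subtype (text after the "/") treated as interchangeable with {@link #RTF_FILE_MIME_TYPE}. */
private static final String MSWORD_FILE_MIME_TYPE = "msword";
/**
 * Detected type for which the comparison is skipped entirely.
 * NOTE(review): whatever the detector classifies as text/plain (which may include
 * script source) is therefore accepted without any further check.
 */
private static final String MIME_TYPE_NOTAVAILABLE = "text/plain";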
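// Sniff the leading bytes of the upload so its type is judged from content (magic
// numbers) rather than from what the client claims.
byte[] buf = new byte[1024];
// getBytes() is evaluated once here instead of once per comparison.
// NOTE(review): if multipartFile is Spring's MultipartFile, getSize() would give the
// length without loading the whole upload into memory; confirm.
final int headerLength = Math.min(multipartFile.getBytes().length, 100);
// InputStream.read may return fewer bytes than requested, so keep reading until the
// header is complete or the stream ends instead of ignoring the return value.
int headerFilled = 0;
while (headerFilled < headerLength) {
    int chunk = fileIS.read(buf, headerFilled, headerLength - headerFilled);
    if (chunk < 0) {
        break;
    }
    headerFilled += chunk;
}
// NOTE(review): only the first 100 bytes are inspected, so a signature located deeper
// in the file is not visible to the detector.
MagicMatch match = null;
String mimeType = null;
try {
    match = Magic.getMagicMatch(buf, false);
} catch (MagicParseException mpe) {
    logger.error("MagicParseException-->"+mpe);
} catch (MagicMatchNotFoundException mmf) {
    logger.error("MagicMatchNotFoundException-->"+mmf);
} catch (MagicException me) {
    logger.error("MagicException-->"+me);
} catch (Exception e) {
    logger.error("Magic Exception-->"+e);
}
// NOTE(review): every failure above leaves mimeType null, and the MIME TYPE check that
// follows only acts on a non-null type, so an upload the detector cannot classify is
// accepted (fail-open). Decide explicitly whether unknown types should be rejected.
if (match != null) {
    mimeType = match.getMimeType();
}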
logger.debug("MagicMatch mimeType(contenttype):"+mimeType);
// Split the detected "type/subtype" into its two halves. Both halves stay "" when the
// value is missing, has no "/", or starts with "/".
String mimeTypeFirstSubStr="";
String mimeTypeSecondSubStr="";
if (mimeType != null && !mimeType.isEmpty()) {
    final int detectedSlash = mimeType.indexOf('/');
    if (detectedSlash > 0) {
        // e.g. "application/rtf" -> "application" and "rtf"
        mimeTypeFirstSubStr = mimeType.substring(0, detectedSlash);
        mimeTypeSecondSubStr = mimeType.substring(detectedSlash + 1);
    }
}
// Type declared for the uploaded part.
// NOTE(review): presumably this is the part's Content-Type header, which the client
// controls; despite the log wording it is not derived from the file extension here.
// It is also logged verbatim; neutralise CR/LF if the log sink is line-oriented.
String contentType = multipartFile.getContentType();
logger.debug("File extension content type:"+contentType);
// Same split for the declared type.
String contentTypeFirstSubStr="";
String contentTypeSecondSubStr="";
if (contentType != null && !contentType.isEmpty()) {
    final int declaredSlash = contentType.indexOf('/');
    if (declaredSlash > 0) {
        contentTypeFirstSubStr = contentType.substring(0, declaredSlash);
        contentTypeSecondSubStr = contentType.substring(declaredSlash + 1);
    }
}
logger.info("File original content type "+ mimeType + " extension content type:"+contentType);
// MIME type check: consistency between the sniffed type and the declared type.
// NOTE(review): this only detects disagreement between the two values. Because the
// declared type comes from the request, a file whose declared type agrees with its
// content is accepted whatever that type is; restricting what may be uploaded needs an
// allow-list applied to the sniffed type.
final boolean sniffedTypeUsable = mimeType != null && !mimeType.isEmpty()
        && !MIME_TYPE_NOTAVAILABLE.equalsIgnoreCase(mimeType);
if (sniffedTypeUsable) {
    final boolean bothTopLevelTypesKnown =
            !mimeTypeFirstSubStr.isEmpty() && !contentTypeFirstSubStr.isEmpty();
    if (bothTopLevelTypesKnown) {
        final boolean topLevelTypeDiffers =
                !mimeTypeFirstSubStr.equalsIgnoreCase(contentTypeFirstSubStr);
        final boolean subtypeDiffers = !mimeTypeSecondSubStr.isEmpty()
                && !contentTypeSecondSubStr.isEmpty()
                && !mimeTypeSecondSubStr.equalsIgnoreCase(contentTypeSecondSubStr);
        // An RTF file converted to MSWORD, or the reverse, is tolerated.
        final boolean rtfWordSwap =
                (RTF_FILE_MIME_TYPE.equalsIgnoreCase(mimeTypeSecondSubStr)
                        && MSWORD_FILE_MIME_TYPE.equalsIgnoreCase(contentTypeSecondSubStr))
                || (MSWORD_FILE_MIME_TYPE.equalsIgnoreCase(mimeTypeSecondSubStr)
                        && RTF_FILE_MIME_TYPE.equalsIgnoreCase(contentTypeSecondSubStr));
        // Rejected only when BOTH halves differ; a mismatch in the subtype alone passes.
        if (topLevelTypeDiffers && subtypeDiffers && !rtfWordSwap) {
            notAllowedFile = true;
        }
    } else if (VIRUS_FILE_MIME_TYPE.equalsIgnoreCase(mimeType)) {
        // "Virus files" branch: reached only when one of the top-level halves is empty,
        // which is the case for a detected type that contains no "/".
        notAllowedFile = true;
    }
}
// Report the rejection to the user.
// NOTE(review): this fragment only sets an error message; confirm that the caller also
// stops the upload from being stored or processed when notAllowedFile is true.
if (notAllowedFile) {
    // The configured value is rendered as a list, so its first and last characters
    // (the surrounding brackets) are cut off.
    final String bracketed = String.valueOf(XMLConfigurationManager.getInstance().getConfig().getList("CustomerMessage.Errors.DocNotAllowedFileTypeMsg"));
    final String message = bracketed.substring(1, bracketed.length() - 1);
    customerMessageService.setErrorMessage(message);
}
The implementation below uses JMimeMagic to check the file's MIME type:
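/**
 * Detected-type string that the "virus files" branch of the check rejects.
 * NOTE(review): "???" looks like JMimeMagic's placeholder for a signature that has no
 * known MIME type rather than a malware verdict (confirm against the library's magic
 * definitions). Matching it does not replace antivirus scanning of uploads.
 */
private static final String VIRUS_FILE_MIME_TYPE = "???";
/** Subtype (text after the "/") treated as interchangeable with {@link #MSWORD_FILE_MIME_TYPE}. */
private static final String RTF_FILE_MIME_TYPE = "rtf";
/** Subtype (text after the "/") treated as interchangeable with {@link #RTF_FILE_MIME_TYPE}. */
private static final String MSWORD_FILE_MIME_TYPE = "msword";
/**
 * Detected type for which the comparison is skipped entirely.
 * NOTE(review): whatever the detector classifies as text/plain (which may include
 * script source) is therefore accepted without any further check.
 */
private static final String MIME_TYPE_NOTAVAILABLE = "text/plain";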
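// Sniff the leading bytes of the upload so its type is judged from content (magic
// numbers) rather than from what the client claims.
byte[] buf = new byte[1024];
// getBytes() is evaluated once here; the original evaluated it up to twice.
// NOTE(review): if multipartFile is Spring's MultipartFile, getSize() would give the
// length without loading the whole upload into memory; confirm.
final int headerLength = Math.min(multipartFile.getBytes().length, 100);
// InputStream.read may return fewer bytes than requested, so keep reading until the
// header is complete or the stream ends instead of ignoring the return value.
int headerFilled = 0;
while (headerFilled < headerLength) {
    int chunk = fileIS.read(buf, headerFilled, headerLength - headerFilled);
    if (chunk < 0) {
        break;
    }
    headerFilled += chunk;
}
// NOTE(review): only the first 100 bytes are inspected, so a signature located deeper
// in the file is not visible to the detector.
MagicMatch match = null;
String mimeType = null;
try {
    match = Magic.getMagicMatch(buf, false);
} catch (MagicParseException mpe) {
    logger.error("MagicParseException-->"+mpe);
} catch (MagicMatchNotFoundException mmf) {
    logger.error("MagicMatchNotFoundException-->"+mmf);
} catch (MagicException me) {
    logger.error("MagicException-->"+me);
} catch (Exception e) {
    logger.error("Magic Exception-->"+e);
}
// NOTE(review): every failure above leaves mimeType null, and the MIME TYPE check that
// follows only acts on a non-null type, so an upload the detector cannot classify is
// accepted (fail-open). Decide explicitly whether unknown types should be rejected.
if (match != null) {
    mimeType = match.getMimeType();
}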
logger.debug("MagicMatch mimeType(contenttype):"+mimeType);
// Split the detected "type/subtype" into its two halves. Both halves stay "" when the
// value is missing, has no "/", or starts with "/".
String mimeTypeFirstSubStr="";
String mimeTypeSecondSubStr="";
if (mimeType != null && !mimeType.isEmpty()) {
    final int detectedSlash = mimeType.indexOf('/');
    if (detectedSlash > 0) {
        // e.g. "application/rtf" -> "application" and "rtf"
        mimeTypeFirstSubStr = mimeType.substring(0, detectedSlash);
        mimeTypeSecondSubStr = mimeType.substring(detectedSlash + 1);
    }
}
// Type declared for the uploaded part.
// NOTE(review): presumably this is the part's Content-Type header, which the client
// controls; despite the log wording it is not derived from the file extension here.
// It is also logged verbatim; neutralise CR/LF if the log sink is line-oriented.
String contentType = multipartFile.getContentType();
logger.debug("File extension content type:"+contentType);
// Same split for the declared type.
String contentTypeFirstSubStr="";
String contentTypeSecondSubStr="";
if (contentType != null && !contentType.isEmpty()) {
    final int declaredSlash = contentType.indexOf('/');
    if (declaredSlash > 0) {
        contentTypeFirstSubStr = contentType.substring(0, declaredSlash);
        contentTypeSecondSubStr = contentType.substring(declaredSlash + 1);
    }
}
logger.info("File original content type "+ mimeType + " extension content type:"+contentType);
// MIME type check: consistency between the sniffed type and the declared type.
// NOTE(review): this only detects disagreement between the two values. Because the
// declared type comes from the request, a file whose declared type agrees with its
// content is accepted whatever that type is; restricting what may be uploaded needs an
// allow-list applied to the sniffed type.
final boolean sniffedTypeUsable = mimeType != null && !mimeType.isEmpty()
        && !MIME_TYPE_NOTAVAILABLE.equalsIgnoreCase(mimeType);
if (sniffedTypeUsable) {
    final boolean bothTopLevelTypesKnown =
            !mimeTypeFirstSubStr.isEmpty() && !contentTypeFirstSubStr.isEmpty();
    if (bothTopLevelTypesKnown) {
        final boolean topLevelTypeDiffers =
                !mimeTypeFirstSubStr.equalsIgnoreCase(contentTypeFirstSubStr);
        final boolean subtypeDiffers = !mimeTypeSecondSubStr.isEmpty()
                && !contentTypeSecondSubStr.isEmpty()
                && !mimeTypeSecondSubStr.equalsIgnoreCase(contentTypeSecondSubStr);
        // An RTF file converted to MSWORD, or the reverse, is tolerated.
        final boolean rtfWordSwap =
                (RTF_FILE_MIME_TYPE.equalsIgnoreCase(mimeTypeSecondSubStr)
                        && MSWORD_FILE_MIME_TYPE.equalsIgnoreCase(contentTypeSecondSubStr))
                || (MSWORD_FILE_MIME_TYPE.equalsIgnoreCase(mimeTypeSecondSubStr)
                        && RTF_FILE_MIME_TYPE.equalsIgnoreCase(contentTypeSecondSubStr));
        // Rejected only when BOTH halves differ; a mismatch in the subtype alone passes.
        if (topLevelTypeDiffers && subtypeDiffers && !rtfWordSwap) {
            notAllowedFile = true;
        }
    } else if (VIRUS_FILE_MIME_TYPE.equalsIgnoreCase(mimeType)) {
        // "Virus files" branch: reached only when one of the top-level halves is empty,
        // which is the case for a detected type that contains no "/".
        notAllowedFile = true;
    }
}
// Report the rejection to the user.
// NOTE(review): this fragment only sets an error message; confirm that the caller also
// stops the upload from being stored or processed when notAllowedFile is true.
if (notAllowedFile) {
    // The configured value is rendered as a list, so its first and last characters
    // (the surrounding brackets) are cut off.
    final String bracketed = String.valueOf(XMLConfigurationManager.getInstance().getConfig().getList("CustomerMessage.Errors.DocNotAllowedFileTypeMsg"));
    final String message = bracketed.substring(1, bracketed.length() - 1);
    customerMessageService.setErrorMessage(message);
}