Please add .ics to security guidelines' "whitelist."

[janas]

I upload files (usually images for display, sometimes PDFs for download) either from the WordPress dashboard ("Add New Media" on left column), or from the "Add Media" button while editing a page ("Upload/Insert" above the editing box).

The uploader uploads my ICS (iCal Export) file, then says in red: "File type does not meet security guidelines. Try another."

I want to be able to upload our ICS file, for our fans to download and import into their calendars if they choose. Personally, I frequently download ICS files from Facebook event pages and other sources for import into my own iCal—as a fan I find quite a handy time-saver.

ICS files are not executables, so I don't know that they could be used maliciously.

Thank you.

Plugin in the meantime: ​http://wordpress.org/extend/plugins/pjw-mime-config/, or disable filtered uploads if you trust all of your users.

There's a really simple fix for this:

function allow_new_filetypes( $mimes ) {
	$mimes['ics'] = 'text/calendar';
}

add_filter( 'upload_mimes', 'allow_new_filetypes' );

You can put that in your theme's functions.php file, or put it in a file and drop it in your mu-plugins folder.

Replying to aaroncampbell:

There's a really simple fix for this:

function allow_new_filetypes( $mimes ) {
	$mimes['ics'] = 'text/calendar';
}

add_filter( 'upload_mimes', 'allow_new_filetypes' );

You can put that in your theme's functions.php file, or put it in a file and drop it in your mu-plugins folder.

Don't forget the:

return $mimes

At the end of the function

Thanks Westi. I can't believe I left it off (guess that's what you get when you just type the code here in the ticket rather than testing it first). I updated my code above in case anyone tries to copy/paste.

In [18091]:

Add .ics / text/calendar to the whitelist of allowed file types. Fixes #15916 props SergeyBiryukov