Make WordPress Core

Opened 4 years ago

Closed 4 years ago

#39951 closed defect (bug) (duplicate)

upload_mimes hook does not work for woff files with media_handle_upload()

Reported by: kontur Owned by:
Milestone: Priority: normal
Severity: normal Version: 4.7.2
Component: Upload Keywords:
Focuses: docs, administration Cc:


I have extended allowed upload mime types as explained (https://codex.wordpress.org/Plugin_API/Filter_Reference/upload_mimes).

Using get_allowed_mime_types() I can confirm those get registered correctly.

However, media_handle_upload() still results in an error: "Sorry, this file type is not permitted for security reasons."

media_handle_upload() calls wp_handle_upload() (https://core.trac.wordpress.org/browser/tags/4.7.2/src/wp-admin/includes/media.php?rev=40103#L281) and in that function wp_check_file_and_ext is called (https://core.trac.wordpress.org/browser/tags/4.7.2/src/wp-admin/includes/file.php?rev=40103#L342).

However, reading the documentation for wp_check_filetype_and_ext() (https://codex.wordpress.org/Function_Reference/wp_check_filetype_and_ext) states:
Currently this function only supports validating images known to getimagesize().

Maybe this is or is not the reason that the extended mime types have no effect. Either way, adding the mime type for woff does not allow those uploads, which seems like a clear bug.

Change History (1)

#1 @SergeyBiryukov
4 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Hi @kontur, welcome to WordPress Trac!

Thanks for the report, we're already tracking this issue in #39550.

Note: See TracTickets for help on using tickets.