Make WordPress Core

Opened 4 years ago

#50098 new defect (bug)

CSVs that contain HTML fail upload test

Reported by: jakept's profile JakePT Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Upload Keywords: needs-patch
Focuses: Cc:


WordPress 5.0.1 (I believe) introduced file type checking so that uploaded files needed to be the correct MIME type for its extension. This caused CSVs detected as text/plain to fail the upload test. WordPress 5.0.3 fixed this so that .csv files can be uploaded if detected as text/plain (#45615, [44443]).

However, in trying to uploaded CSVs exported from WooCommerce, I have encountered CSVs that are detected as text/html if they have enough HTML in the product descriptions. So these files exported from WooCommerce cannot be re-uploaded to WooCommerce.

I have worked around the issue using the wp_check_filetype_and_ext filter, but ideally a similar carve-out for text/plain would be made for text/html.

I don't have time to write a patch right now, but I might be able to take a crack at it later this week/next week if no one else can.

For reference, this is how I bypassed the issue with the filter:

	function( $wp_check_filetype_and_ext, $file, $filename, $mimes, $real_mime ) {
		$wp_filetype = wp_check_filetype( $filename );

		if ( 'text/html' === $real_mime && 'text/csv' === $wp_filetype['type'] ) {
			$wp_check_filetype_and_ext = [
				'ext'              => $wp_filetype['ext'],
				'type'             => $wp_filetype['type'],
				'proper_filename'  => $filename,

		return $wp_check_filetype_and_ext;

Change History (0)

Note: See TracTickets for help on using tickets.