Seems file extensions are not validated during multiupload

[tifabien]

Hi,

I'm using the bundle and my user raised an issue related to file extensions. It seems that the allowedExtensions and the allowedMimeTypes properties are not took into account when the MultiUploadController::multiUploadAction method is used.

How can we do to validate the media when this controller action is called and how can we handle the form violation messages in the view?

• [x] Add file extension validation by javascript
• [x] Add MimeType validation by javascript
• [x] Handle Messages by javascript
• [x] Update Documentation
• [x] Create UPGRADE note
• [ ] Use Symfony Form validation on POST

Thanks for your help!

[silasjoisten]

@tifabien is there still the need for the symfony form validation? Because its already happening on js side with mimetype and file extension

[OskarStark]

IIRC symfony will release symfony/mime component soon. Can this help?

[silasjoisten]

The mime-types comes from provider so before post to multiUploadAction it gets validated. So the validation depends on the configuration of the provider

   sonata.media.provider.video:
       # ...
        arguments:
           # ....
            - ['mp4', 'mov', 'flv', 'wmv', 'mxf', 'mkv','m4v','mpg']
            - ['video/mp4', 'video/quicktime', 'video/x-flv','video/x-ms-wmv','application/mxf','video/x-matroska','video/x-m4v','video/mpeg']

[tifabien]

@silasjoisten I don't really remember the origin of my issue but I think there is still a need of using the Symfony form validation as I think we should not trust only the client side and do also our own validation in the controller method (isFormValid, handleRequest, ...) This way we could also for exemple use the Validator component in the Media Entity.