Commit f141ad7b authored by Tom van Bussel's avatar Tom van Bussel
Browse files

Validate uploaded album archives with libmagic

parent d30ccd62
......@@ -12,3 +12,4 @@ djangorestframework>=3.5.3,<3.6
import magic
import os
import tarfile
from zipfile import ZipFile, is_zipfile, ZipInfo
......@@ -14,7 +15,7 @@ from .models import Album, Photo
def validate_uploaded_archive(uploaded_file):
types = ['application/gzip', 'application/zip']
if uploaded_file.content_type not in types:
if magic.from_buffer(, mime=True) not in types:
raise ValidationError("Only zip and tar files are allowed.")
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment