FileBarrier.Core is a simple little library (for .NET Core >= 2.1) built to help you to check if the uploaded file
is meeting the validation requirements you have by providing whitelist to it.
It is an extension method on IFormFile
.
Download the package form NuGet FileBarrier.Core. Current release is 1.0.5.
This library gives you different ways to check if the file is valid or not. You can check for:
- CheckExtensions: When you want to check for
the file extension
against a whitelist of the allowed file extensions (provided by you the developer). - CheckFileContentTypeToFileExtension: This will check if the
MIME-type
of the provided file is correct forthe file extension
, then it will check against a whitelist of the allowed MIME-types (provided by you the developer). - CheckContentType: will check if the
MIME-type
of the provided file is in the a whitelist of the allowed MIME-types (provided by you the developer). - CheckFileSize: will check if the file size is <= a specific size (provided by you the developer).
- AllLayers: will check for all above layers.
Things you need to provide depends on the layers you want:
- If you want to use the CheckExtensions layer: then you need to provide
allowedExtensions
a string contains the allowed extensionscomma-separated, e.g: "txt,pdf,doc,docx"
, otherwise anArgumentNullException
will be thrown. - If you want to use the CheckFileContentTypeToFileExtension layer: then you need to provide
allowedContentTypes
a string contains the allowed extensionscomma-separated, e.g: "text/plain,application/pdf,application/msword"
. - If you want to use the CheckContentType layer: then you need to provide
allowedContentTypes
a string contains the allowed extensionscomma-separated, e.g: "text/plain,application/pdf,application/msword"
, otherwise anArgumentNullException
will be thrown. - If you want to use the CheckFileSize layer: then you need to provide
maxSingleFileSize
the maximun file sieze, otherwise anArgumentNullException
will be thrown. - If you want to check for AllLayers: then you need to provide
allowedExtensions, allowedContentTypes, and maxSingleFileSize
.
After providing the required information, then you can check if the file is allowed or not by calling either:
- IsFileAllowed: returns
boolean
to indicates if the file is allowed or not against the selected layers. E.g.:
...
private const string ALLOWED_MIME_TYPES = "image/png,image/jpeg";
private const string ALLOWED_EXTENSIONS = "png,jpeg";
public IFormFile File { get; set; }
...
public void OnlyPngOrJpeg(){
var isAllowed = File.IsFileAllowed(ALLOWED_EXTENSIONS, ALLOWED_MIME_TYPES, null, FileCheckLayers.CheckExtensions, FileCheckLayers.CheckExtensions, FileCheckLayers.CheckFileContentTypeToFileExtension, FileCheckLayers.CheckContentType);
if(!isAllowed) {
//do whaterver you need to do.
}
}
- IsAllowed: returns
BarrierResponse
to give you more information about on which layer the checking has occurred (if possible). E.g.:
...
private const string ALLOWED_MIME_TYPES = "image/png,image/jpeg";
private const string ALLOWED_EXTENSIONS = "png,jpeg";
public IFormFile File { get; set; }
...
public void OnlyPngOrJpeg(){
var response = File.IsAllowed(ALLOWED_EXTENSIONS, ALLOWED_MIME_TYPES, null, FileCheckLayers.CheckExtensions, FileCheckLayers.CheckExtensions, FileCheckLayers.CheckFileContentTypeToFileExtension, FileCheckLayers.CheckContentType);
if(!response.IsAllowed) {
//do whaterver you need to do, e.g.:
if(response.ErrorType == ErrorType.InvalidExtension)
throw new Exception("Invalid file, only PNG or JPEG files are allowed.");
//or e.g.:
throw new Exception(response.ErrorMessage);
}
}
The BarrierResponse
:
public class BarrierResponse
{
public string ErrorMessage { get; set; }
public bool IsAllowed { get; set; } = true;
public ErrorType? ErrorType { get; set; }
...
}
The ErrorType
:
public enum ErrorType
{
InvalidExtension = 0,
ContentTypeToExtensionMismatch,
InvalidContentType,
FileSizeExceeded,
Unknown
}
The MimeType mapper is mainly built by @samuelneff: https://github.com/samuelneff/MimeTypeMap.