1# Allowed uploadable file extensions and mimetypes are defined here.
2# To extend this file it is recommended to create a mime.local.conf
3# file. Mimetypes that should be downloadable and not be opened in the
4# should be prefixed with a !
5
6jpg     image/jpeg
7jpeg    image/jpeg
8gif     image/gif
9png     image/png
10webp    image/webp
11ico     image/vnd.microsoft.icon
12
13mp3     audio/mpeg
14ogg     audio/ogg
15wav     audio/wav
16webm    video/webm
17ogv     video/ogg
18mp4     video/mp4
19vtt     text/vtt
20
21tgz     !application/octet-stream
22tar     !application/x-gtar
23gz      !application/octet-stream
24bz2     !application/octet-stream
25zip     !application/zip
26rar     !application/rar
277z      !application/x-7z-compressed
28
29pdf     application/pdf
30ps      !application/postscript
31
32rpm     !application/octet-stream
33deb     !application/octet-stream
34
35doc     !application/msword
36xls     !application/msexcel
37ppt     !application/mspowerpoint
38rtf     !application/msword
39
40docx    !application/vnd.openxmlformats-officedocument.wordprocessingml.document
41xlsx    !application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
42pptx    !application/vnd.openxmlformats-officedocument.presentationml.presentation
43
44sxw     !application/soffice
45sxc     !application/soffice
46sxi     !application/soffice
47sxd     !application/soffice
48
49odc     !application/vnd.oasis.opendocument.chart
50odf     !application/vnd.oasis.opendocument.formula
51odg     !application/vnd.oasis.opendocument.graphics
52odi     !application/vnd.oasis.opendocument.image
53odp     !application/vnd.oasis.opendocument.presentation
54ods     !application/vnd.oasis.opendocument.spreadsheet
55odt     !application/vnd.oasis.opendocument.text
56
57svg     image/svg+xml
58
59# You should enable HTML and Text uploads only for restricted Wikis.
60# Spammers are known to upload spam pages through unprotected Wikis.
61# Note: Enabling HTML opens Cross Site Scripting vulnerabilities
62#       through JavaScript. Only enable this with trusted users. You
63#       need to disable the iexssprotect option additionally to
64#       adding the mime type here
65#html    text/html
66#htm     text/html
67#txt     text/plain
68#conf    text/plain
69#xml     text/xml
70#csv     text/csv
71
72# Also flash may be able to execute arbitrary scripts in the website's
73# context
74#swf     application/x-shockwave-flash
75
76