i got one of my user asking me to use the function FileInfo to validate the MIME type of the current file based on certain bites in the file itself instead of just the file extension...
this is weird to me because...whats the point of using MIME type if you can fake example a .jpg file that contain executable content and execute it...
so do im wrong or this kind of validation is totally useless ?
this is weird to me because...whats the point of using MIME type if you can fake example a .jpg file that contain executable content and execute it...
so do im wrong or this kind of validation is totally useless ?