NAME

    Catalyst::Plugin::CheckFileUploadTypes - check file uploads are
    expected and right types

SYNOPSIS

      use Catalyst qw(CheckFileUploadTypes);
    
      # Actions can declare that they expect to receive file uploads:
      sub upload_file : Local ExpectUploads { ... }
    
      # They can also specify that any uploaded files must be of expected types
      # (determined from file content by File::MMagic, not what the client said)
      sub upload_file : Local ExpectUploads(image/jpeg image/png) { ... }

DESCRIPTION

    This plugin allows Catalyst apps to easily accept and validate file
    uploads.

    If the action a request is about to be handed to does not declare that
    it expects file uploads, by setting a ExpectUploads attribute, and the
    HTTP request contains one or more file uploads, the request will be
    rejected.

    The action can also specify the type(s) of files it expects to receive,
    and the request will be rejected if an uploaded file is of a different
    type (as determined by File::MMagic from the file's content, not
    trusting the file extension or what the client says it is). This avoids
    uploading executable files / scripts etc to an action which expects
    image uploads, for instance.

AUTHOR

    David Precious (BIGPRESH), <davidp@preshweb.co.uk>

COPYRIGHT AND LICENCE

    Copyright (C) 2023 by David Precious

    This library is free software; you can redistribute it and/or modify it
    under the same terms as Perl itself.