Whitelisting / Blacklisting of file types

Second Layer of Filter: MIME Type Checking


For each configured extension, Attachment Checker retrieves and displays the list of associated extensions that map to the same MIME type. MIME type guessing has led to security exploits in which the contents of a dangerous file are processed despite the file having an incorrect MIME type. Serving content with the correct MIME type is therefore meant to prevent malicious content from affecting users' devices.

In both filter modes, Attachment Checker now provides a second layer of filtering, MIME Type Checking, which prevents the first layer, Extension Checking, from being bypassed by renaming a file's extension. Please refer to the Release Notes for 2.4.1 for more information on MIME Type Checking.

Filtering Modes


Attachment Checker for Jira offers 2 filtering modes.

Whitelisting Mode

(Default)

Only file types that are configured are allowed to be attached and uploaded into Jira. All other file types will be blocked.

This mode is useful when administrators want to restrict the file types to be allowed.

For example, the List of extensions is configured to be JPG, PNG, GIF, SVG.

Only JPG (associated extensions: JPEG, JPE, JIF, JFIF, JFI), PNG, GIF and SVG (associated extensions: SVGZ) files will be allowed.

Blacklisting Mode

Only file types that are configured are blocked from being attached and uploaded into Jira. All other file types will be allowed.

This mode is useful when administrators want to block certain file types (e.g. file types that are known to transmit viruses).

For example, the List of extensions is configured to be EXE.

Only EXE (associated extensions: DLL, COM, BAT) files will be blocked.
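The two filter layers in both modes can be sketched as follows. This is an added example, not Attachment Checker's own code: the function names, the magic-byte table and the extension-to-MIME groups are assumptions made for illustration and cover only a few types.

```python
# Added illustration, not Attachment Checker's code. The signature table and
# extension groups are a small constructed subset chosen for this example.
MAGIC = [
    (b"\x89PNG\r\n\x1a\n", "image/png"),
    (b"\xff\xd8\xff", "image/jpeg"),
    (b"GIF87a", "image/gif"),
    (b"GIF89a", "image/gif"),
    (b"%PDF-", "application/pdf"),
    (b"MZ", "application/x-msdownload"),  # DOS/PE executables (EXE, DLL)
]
EXT_TO_MIME = {
    "jpg": "image/jpeg", "jpeg": "image/jpeg", "jpe": "image/jpeg",
    "jfif": "image/jpeg", "png": "image/png", "gif": "image/gif",
    "pdf": "application/pdf",
    "exe": "application/x-msdownload", "dll": "application/x-msdownload",
}

def sniff_mime(data):
    """Layer 2 input: type derived from leading bytes, never from the name."""
    for magic, mime in MAGIC:
        if data.startswith(magic):
            return mime
    return None  # content not recognised by this table

def check_attachment(filename, data, configured, mode="whitelist"):
    """Return (allowed, reason) for one upload under the given mode."""
    configured = {e.lower() for e in configured}
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    listed_mimes = {EXT_TO_MIME[e] for e in configured if e in EXT_TO_MIME}
    declared = EXT_TO_MIME.get(ext)
    # Layer 1: an extension is listed if it, or an associated extension
    # sharing its MIME type, was configured.
    ext_listed = ext in configured or (declared in listed_mimes)
    sniffed = sniff_mime(data)
    if mode == "whitelist":
        if not ext_listed:
            return False, "extension not whitelisted"
        if sniffed != declared:  # renamed file, or unrecognised content
            return False, "content does not match extension"
        return True, "ok"
    if ext_listed:
        return False, "extension blacklisted"
    if sniffed in listed_mimes:  # blocked type hiding behind another name
        return False, "content is a blacklisted type"
    return True, "ok"
```

In whitelisting mode the sketch fails closed: content it cannot identify is rejected when the extension claims a known type.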



Recommended list of types to whitelist

You can use the following list of attachment types:

  • Images - gif,jpg,png
  • Text files - txt, log, xml
  • Office Documents - doc, docx, xls, xlsx, ppt, pptx, pdf
txt,log,xml,doc,docx,xls,xlsx,ppt,pptx,pdf,gif,jpg,png

