Determine if uploaded file is image (any format) on MVC

by

In case it can helps anyone, Here is a static method for HttpPostedFileBase that checks if a given uploaded file is an image:

public static class HttpPostedFileBaseExtensions
{
    public const int ImageMinimumBytes = 512;

    public static bool IsImage(this HttpPostedFileBase postedFile)
    {
        //-------------------------------------------
        //  Check the image mime types
        //-------------------------------------------
        if (!string.Equals(postedFile.ContentType, "image/jpg", StringComparison.OrdinalIgnoreCase) &&
            !string.Equals(postedFile.ContentType, "image/jpeg", StringComparison.OrdinalIgnoreCase) &&
            !string.Equals(postedFile.ContentType, "image/pjpeg", StringComparison.OrdinalIgnoreCase) &&
            !string.Equals(postedFile.ContentType, "image/gif", StringComparison.OrdinalIgnoreCase) &&
            !string.Equals(postedFile.ContentType, "image/x-png", StringComparison.OrdinalIgnoreCase) &&
            !string.Equals(postedFile.ContentType, "image/png", StringComparison.OrdinalIgnoreCase))
        {
            return false;
        }

        //-------------------------------------------
        //  Check the image extension
        //-------------------------------------------
        var postedFileExtension = Path.GetExtension(postedFile.FileName);
        if (!string.Equals(postedFileExtension , ".jpg", StringComparison.OrdinalIgnoreCase)
            && !string.Equals(postedFileExtension , ".png", StringComparison.OrdinalIgnoreCase)
            && !string.Equals(postedFileExtension , ".gif", StringComparison.OrdinalIgnoreCase)
            && !string.Equals(postedFileExtension , ".jpeg", StringComparison.OrdinalIgnoreCase))
        {
            return false;
        }

        //-------------------------------------------
        //  Attempt to read the file and check the first bytes
        //-------------------------------------------
        try
        {
            if (!postedFile.InputStream.CanRead)
            {
                return false;
            }
            //------------------------------------------
            //   Check whether the image size exceeding the limit or not
            //------------------------------------------ 
            if (postedFile.ContentLength < ImageMinimumBytes)
            {
                return false;
            }

            byte[] buffer = new byte[ImageMinimumBytes];
            postedFile.InputStream.Read(buffer, 0, ImageMinimumBytes);
            string content = System.Text.Encoding.UTF8.GetString(buffer);
            if (Regex.IsMatch(content, @"<script|<html|<head|<title|<body|<pre|<table|<a\s+href|<img|<plaintext|<cross\-domain\-policy",
                RegexOptions.IgnoreCase | RegexOptions.CultureInvariant | RegexOptions.Multiline))
            {
                return false;
            }
        }
        catch (Exception)
        {
            return false;
        }

        //-------------------------------------------
        //  Try to instantiate new Bitmap, if .NET will throw exception
        //  we can assume that it's not a valid image
        //-------------------------------------------

        try
        {
            using (var bitmap = new System.Drawing.Bitmap(postedFile.InputStream))
            {
            }
        }
        catch (Exception)
        {
            return false;
        }
        finally
        {
             postedFile.InputStream.Position = 0;
        }

        return true;
    }
}

Edit 2/10/2017: According to a suggested edit, added a finally statement to reset the stream, so we can use it later.

More Related Contents:

  1. ASP.NET MVC Razor pass model to layout
  2. ASP.NET MVC Razor render without encoding
  3. How to declare a local variable in Razor?
  4. How to edit multiple models in a single Razor View
  5. Uploading image in ASP.NET MVC
  6. How to get the Display Name Attribute of an Enum member via MVC Razor code?
  7. ASP.NET MVC: Custom Validation by DataAnnotation
  8. Prevent Caching in ASP.NET MVC for specific actions using an attribute
  9. Restarting (Recycling) an Application Pool
  10. How do I use a C# keyword as a property name?
  11. Could not find a part of the path … bin\roslyn\csc.exe
  12. Custom validation attribute that compares the value of my property with another property’s value in my model class
  13. Passing data to Master Page in ASP.NET MVC
  14. How to use dependency injection with an attribute?
  15. @Html.Action in Asp.Net Core
  16. How do I define a method in Razor?
  17. I want to understand the lambda expression in @Html.DisplayFor(modelItem => item.FirstName)
  18. ASP.NET MVC get textbox input value
  19. Do asynchronous operations in ASP.NET MVC use a thread from ThreadPool on .NET 4
  20. ‘object’ does not contain a definition for ‘X’
  21. Incorrect List Model Binding indices when using HTML Helpers
  22. MVC 5 BeginCollectionItem with Partial CRUD
  23. How to specify data attributes in razor, e.g., data-externalid=”23151″ on @this.Html.CheckBoxFor(…)
  24. MEF with MVC 4 or 5 – Pluggable Architecture (2014)
  25. How to retain spaces in DropDownList – ASP.net MVC Razor views
  26. Model binding with nested child models and PartialViews in ASP.NET MVC
  27. log4net with DI Simple Injector
  28. System.web.mvc missing
  29. ASP.NEt MVC using Web API to return a Razor view
  30. Uploading Files Not Working – Need Assistance

Leave a Comment