[wp-trac] [WordPress Trac] #32544: No function exposes all supported MIME types

WordPress Trac noreply at wordpress.org
Mon Jun 1 05:17:56 UTC 2015 

#32544: No function exposes all supported MIME types
--------------------------+------------------------------
 Reporter:  dan.rossiter  |       Owner:
     Type:  enhancement   |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Media         |     Version:  4.2.2
 Severity:  normal        |  Resolution:
 Keywords:                |     Focuses:
--------------------------+------------------------------
Description changed by rmccue:

Old description:

> `wp_get_mime_types()` returns the default WP MIME types, and
> `get_allowed_mime_types()` returns the default WP MIME types + added MIME
> types through the `upload_mimes` filter, but the kicker with the latter
> is that it is filtered based on the currently authenticated user.
>
> There needs to be a way to retrieve all MIME types supported, both the
> default and the ones added through the `upload_mimes` filter, regardless
> of who is authenticated.
>
> I understand there are security reasons for not allowing users to *add*
> (or write) attachments of a given MIME type, but when a user is reading
> there needs to be a way to retrieve an unrestricted list of all MIME
> types.
>
> An example use case is below, where all supported MIME types for a
> service are retrieved from its API and then the subset of types that are
> both supported by the WordPress install and the service are kept.
>
> function get_service_mime_types() {
>    // the desired function to get un-sanitized MIME types
>    $wp_types = wp_get_all_mime_types();
>
>    // get intersection of WP / service MIME types
>    $allowed = array_intersect($wp_types, get_service_mime_types());
>    $allowed = array_keys($allowed);
>
>    return $allowed;
> }
>
> As a work-around, I'm currently using the following, but it's flawed --
> if a custom MIME type is added conditionally by user type, it won't be
> included which is not the desired behavior.
>
> `array_merge(wp_get_mime_types(), get_allowed_mime_types())`

New description:

 `wp_get_mime_types()` returns the default WP MIME types, and
 `get_allowed_mime_types()` returns the default WP MIME types + added MIME
 types through the `upload_mimes` filter, but the kicker with the latter is
 that it is filtered based on the currently authenticated user.

 There needs to be a way to retrieve all MIME types supported, both the
 default and the ones added through the `upload_mimes` filter, regardless
 of who is authenticated.

 I understand there are security reasons for not allowing users to *add*
 (or write) attachments of a given MIME type, but when a user is reading
 there needs to be a way to retrieve an unrestricted list of all MIME
 types.

 An example use case is below, where all supported MIME types for a service
 are retrieved from its API and then the subset of types that are both
 supported by the WordPress install and the service are kept.

 {{{
 function get_service_mime_types() {
    // the desired function to get un-sanitized MIME types
    $wp_types = wp_get_all_mime_types();

    // get intersection of WP / service MIME types
    $allowed = array_intersect($wp_types, get_service_mime_types());
    $allowed = array_keys($allowed);

    return $allowed;
 }
 }}}

 As a work-around, I'm currently using the following, but it's flawed -- if
 a custom MIME type is added conditionally by user type, it won't be
 included which is not the desired behavior.

 {{{
 array_merge(wp_get_mime_types(), get_allowed_mime_types())
 }}}

--

--
Ticket URL: <https://core.trac.wordpress.org/ticket/32544#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list