I recently came across https://www.drupal.org/project/file_upload_secure_validator
This is a very simple and small module which performs a server side validation for the extension of an uploaded file of any content type's file field. Default drupal 7 file validation is performed by
file_validate_extensions()which only relies on the file name extension.'File Upload Secure Validator' uses the php library
fileinfoand is dependent on that. Therefore the server hosting the drupal instance should have this library enabled. Through this php lib we can perform a more secure and reliable check on the file's mime type and compare that to the allowed file extensions, as these are set by the admin within the content type's field settings.This module is useful when we need to enforce a maximum security mime type detection.
Dependencies The module depends on the php library
fileinfo. Please make sure this library is present and enabled on the server.Installation Install module like usual. No special installation considerations
Configuration No configuration options. After enabling the module, it will perform an alternative server side extension validation on every uploaded file of every content type file field.
Recent comments
This is a really good idea. I nearly always search on GitHub if I'm not sure of the name. That said, there is still room for improvement in GitHub as many repos have a useless description...
Weekly dev meetings to focus on top wish list items start March 26, 2026.
I'd suggest module search to get discussed as a possible top priority. Our module search page on backdropcms.org doesn't do a good job. Neither does the module search on admin/...
Weekly dev meetings to focus on top wish list items start March 26, 2026.
Hi Jochen You could test https://github.com/backdrop-contrib/commerce_invoice_receipt which doesn't yet have a release, but may meet your needs when combined with other modules to generate...
Commerce modules