Why am I getting mime-type of .csv file as "application/octet-stream"?

Asked 21/8, 2012 at 18:39 Answered 21/8, 2012 at 19:21

Solved php csv http-headers mime-types file-format

I'm working on a PHP application that must import an excel file into MySQL. So I need to convert the excel file to .csv format. But when I want to get its type using $_FILE['something']['type'] , I get application/octet-stream as its mime-type;
I think there is something wrong here. Because I gathered the list below as a .csv file mime-type:

text/comma-separated-values,  
text/csv,  
application/csv, 
application/excel, 
application/vnd.ms-excel, 
application/vnd.msexcel

What's the matter ?

Dilution answered 21/8, 2012 at 18:39 Comment(2)

Also sometimes when you have your file opened with MS excel while you acces it from your application you get "application/octet-stream" as mime type. That happend to me with a Java application some time ago. – Nucleoplasm 27/2, 2013 at 9:4

note that if your file size passes the upload_max_filesize setting in php.ini you will get application/octet-stream instead of expected mime – Skilken 7/5, 2018 at 10:24

In times like these, the official HTTP specification is always helpful. From RFC 2616 7.2.1 (my emphasis added):

Any HTTP/1.1 message containing an entity-body SHOULD include a Content-Type header field defining the media type of that body. If and only if the media type is not given by a Content-Type field, the recipient MAY attempt to guess the media type via inspection of its content and/or the name extension(s) of the URI used to identify the resource. If the media type remains unknown, the recipient SHOULD treat it as type "application/octet-stream".

The cause of your issue is that the server accepting the file upload does not itself know what type of file has been uploaded. Why? Because it relies on the the HTTP message which sent the file to specify a Content-Type header to determine the exact mime-type. The browser has likely not sent a Content-Type header and the server has assumed application/octet-stream as per the official HTTP specification excerpt above. It's also possible that the client uploading the file opted not to determine the mime type of the file it was uploading and sent the Content-Type: application/octet-stream header itself.

Now, when we consider this in conjunction with the PHP manual entry regarding POST file uploads^docs, we see the following:

$_FILES['userfile']['type']

The mime type of the file, if the browser provided this information. An example would be "image/gif". This mime type is however not checked on the PHP side and therefore don't take its value for granted.

So as you can see, even if $_FILES['userfile']['type'] is specified, it only corresponds to the Content-Type header sent by the client. This information can easily be faked and should not be relied upon. If you need to be sure that the uploaded file is of a specific type, you'll have to verify that yourself.

Salespeople answered 21/8, 2012 at 19:21 Comment(1)

We understand that but what can one do if this issue is faced? What can be done to provide a valid mime type when user uploads a csv file? I'm having this issue on Firefox only, on Chrome I do get csv mime type. – Roomful 12/12, 2018 at 6:13

application/octet-stream is always used if the mime type is not known.

Hawk answered 21/8, 2012 at 18:41 Comment(1)

Is there a way to make it known? – Arlindaarline 11/7, 2017 at 12:3

$_FILE['something']['type'] is populated by the browser / user OS, so it is not reliable. You should make your own check at server side to determine if uploaded file was in desired format.

Balkin answered 21/8, 2012 at 19:18 Comment(0)

-1

All of the mime-types you listed show up as common mime-types for csv files on http://filext.com/file-extension/CSV

So basically I'd say it comes down to which program generated the .csv file and which mime-type they decided to use.

Knotgrass answered 21/8, 2012 at 18:43 Comment(0)

Recommended topics

Hot tags