I cant figure out how to get AjaxControlToolKit's AjaxFileUpload to allow uploading of all file types. I tried the below code but it doest work. Any help would be greatly appreciated.
<ajaxToolkit:AjaxFileUpload ID="AjaxFileUploader" runat="server" Width="100%" Style="padding-bottom: 10px" OnClientUploadStart="UploadStart" OnClientUploadCompleteAll="UploadEnd" AllowedFileTypes="*" AutoStartUpload="True"/>
this is what my web.config file looks like....
Here is what my config file and control markup looks like (after changes suggested by Albert D. Kallal)
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<sectionGroup name="devExpress">
<section name="themes" type="DevExpress.Web.ThemesConfigurationSection, DevExpress.Web.v22.2, Version=22.2.4.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" requirePermission="false" />
<section name="compression" type="DevExpress.Web.CompressionConfigurationSection, DevExpress.Web.v22.2, Version=22.2.4.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" requirePermission="false" />
<section name="settings" type="DevExpress.Web.SettingsConfigurationSection, DevExpress.Web.v22.2, Version=22.2.4.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" requirePermission="false" />
<section name="errors" type="DevExpress.Web.ErrorsConfigurationSection, DevExpress.Web.v22.2, Version=22.2.4.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" requirePermission="false" />
<section name="resources" type="DevExpress.Web.ResourcesConfigurationSection, DevExpress.Web.v22.2, Version=22.2.4.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" requirePermission="false" />
<section name="bootstrap" type="DevExpress.Web.Bootstrap.BootstrapConfigurationSection, DevExpress.Web.Bootstrap.v22.2, Version=22.2.4.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" requirePermission="false" />
</sectionGroup>
<section name="ajaxControlToolkit" type="AjaxControlToolkit.AjaxControlToolkitConfigSection, AjaxControlToolkit" requirePermission="false" />
</configSections>
<ajaxControlToolkit additionalUploadFileExtensions="dcm," />
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add name="AjaxFileUploadHandler" verb="*" path="AjaxFileUploadHandler.axd" type="AjaxControlToolkit.AjaxFileUploadHandler,AjaxControlToolkit" />
<add type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v22.2, Version=22.2.4.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" verb="GET,POST" path="DX.ashx" name="ASPxHttpHandlerModule" preCondition="integratedMode" />
<add type="DevExpress.Web.ASPxUploadProgressHttpHandler, DevExpress.Web.v22.2, Version=22.2.4.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" verb="GET,POST" path="ASPxUploadProgressHandlerPage.ashx" name="ASPxUploadProgressHandler" preCondition="integratedMode" />
</handlers>
<modules runAllManagedModulesForAllRequests="true">
<add type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v22.2, Version=22.2.4.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" name="ASPxHttpHandlerModule" />
</modules>
<staticContent>
<mimeMap fileExtension=".dcm" mimeType="application/dicom" />
</staticContent>
</system.webServer>
<appSettings>
bla bla bla bla
...
<ajaxToolkit:AjaxFileUpload ID="AjaxFileUploader" runat="server" Width="100%" Style="padding-bottom: 10px" OnClientUploadStart="UploadStart" OnClientUploadCompleteAll="UploadEnd" AllowedFileTypes="dcm,zip" AutoStartUpload="True"/>
Ok, this is a bit of a un-documented issue.
While you "can" specify the file types that are allowed?
There are some "security" restrictions such as .msg files and a few others.
So, in web config, you can change this.
Add this right after the start in web.config, in "configuration"
like this:
<configuration>
<configSections>
<section name="ajaxControlToolkit"
type="AjaxControlToolkit.AjaxControlToolkitConfigSection, AjaxControlToolkit"
requirePermission="false"/>
</configSections>
<ajaxControlToolkit additionalUploadFileExtensions="msg" />
<appSettings>
.etc .etc. etc.
So, you MUST add the "section name", and then (and ONLY then), can you add the additionalUploadFileExtensions part.
The ALLOWED list of file extenstions by default is this:
7z,aac,avi,bz2,csv,doc,docx,gif,gz,htm,html,jpeg,jpg,md,mp3,mp4
ods,odt,ogg,pdf,png,ppt,pptx,svg,tar,tgz,txt,xls,xlsx,xml,zip
NOTE very close, that "bmp" files are not in that list!!!
So, while you can filter/restrict/limit say zip and pdf like this:
<ajaxToolkit:AjaxFileUpload ID="AjaxFileUpload1" runat="server"
AllowedFileTypes="pdf,zip"
ChunkSize="8192"
OnClientUploadStart="UpLoadStart"
OnClientUploadComplete = "UpLoadCompleteOne"
OnClientUploadCompleteAll="UpLoadDone" ClientIDMode="Static"
ViewStateMode="Enabled"
OnClientUploadError="UpLoadError" title="" MaximumNumberOfFiles="20"
onchange="fileschanged();" />
so, in above, we ONLY allow the user pdf, zip.
However, if we added say :
AllowedFileTypes="pdf,zip,bmp,msg"
it will NOT allow this.
So, there is a biult in "list" of allowable file types.
You can change this. In web config, add this section:
<configuration>
<configSections>
<section name="ajaxControlToolkit"
type="AjaxControlToolkit.AjaxControlToolkitConfigSection, AjaxControlToolkit"
requirePermission="false"/>
</configSections>
<ajaxControlToolkit additionalUploadFileExtensions="msg" />
<appSettings>
<add key="ChartImageHandler" value="storage=file;timeout=20;dir=c:\TempImageFiles\;" />
Note carefull, the 2nd "additional" file element FIRST requires the config section above for the aj toolkit. So, look for a existing one, and if not, then add the above.
And for NO file extenstion?
This seems to work:
<ajaxControlToolkit additionalUploadFileExtensions="msg," />
Note the trailing "," in above.
As a FYI?
I believe the file "whitelist" or restrictions appeared around version 17 for the aj toolkit, and the current number is around 20 or so. (so, if you using later then version 17, then you will have to add the above to web.config to "allow" those file types regardless of the actual file types you specify for the ajaxfileupload control in the page markup.
It turns out from testing, that web config does NOT have to be changed to allow files without extensions. The above white list of files (allowed) still remains, and if one wants to up-load say a simple "bmp" file, then one MUST change the web.config.
However, to allow files without a extension, no such changes to web.config is required, only that you use this in the list of allowed file types in the control's markup on the page.
eg:
AllowedFileTypes=",zip"
So, note the "empty" file type in above. (quite sure it has to be the first entry).
The above will thus allow up-loading of files without an extension.
It turns out that the web.config changes are NOT required to allow a file being up-loaded without a file extension.
All that is required is the in the control markup is to add a "empty" file type, say like this:
AllowedFileTypes=",zip"
So, a "empty" file type (no space) seems to work, and their is NOT a requirement to change the web config file.
However, do keep in mind that the advice about the built-in "white list" of allowed file types. This allowed list remains in effect for files with extensions.
So, for ANY type of file (extension) that is NOT in the white-list of files? Then yes, you do have to modify web.config, and then such files can be up-loaded. One can freely add "allowed" file types (extensions) to the markup tag on the page, or leave out the allowed file types attribute to allow all types of files.
In either case (using allowed file types or not attribute in markup), the allowed file type "list" has to be modified to allow files not in that default white-list of file types.
So, allowed file types tag/attribute is optional, but the allowed file types not in the above "white-list" of files requires a change to web.config for such files to be up-loaded.