0
0
Expressframework~10 mins

File type validation in Express - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Concept Flow - File type validation
Receive file upload request
Extract file info (name, mimetype)
Check if file type is allowed?
NoReject upload with error
Yes
Accept file and continue processing
Send response
The server receives a file upload, checks its type, rejects if invalid, or accepts if valid.
Execution Sample
Express
const allowedTypes = ['image/png', 'image/jpeg'];
app.post('/upload', (req, res) => {
  const file = req.file;
  if (!file || !allowedTypes.includes(file.mimetype)) {
    return res.status(400).send('Invalid file type');
  }
  res.send('File accepted');
});
This code checks the uploaded file's mimetype and rejects it if not allowed.
Execution Table
StepActionFile mimetypeConditionResultResponse Sent
1Receive upload requestimage/pngCheck if 'image/png' in allowedTypesYesNo response yet
2Validate file typeimage/pngAllowed type?YesNo response yet
3Accept fileimage/png--No response yet
4Send success responseimage/png--'File accepted'
5Receive upload requestapplication/pdfCheck if 'application/pdf' in allowedTypesNoNo response yet
6Validate file typeapplication/pdfAllowed type?NoNo response yet
7Reject fileapplication/pdf--No response yet
8Send error responseapplication/pdf--'Invalid file type'
💡 Execution stops after sending response to client.
Variable Tracker
VariableStartAfter Step 1After Step 2After Step 4 or 8
file.mimetypeundefinedimage/png or application/pdfimage/png or application/pdfunchanged
allowedTypes['image/png','image/jpeg']unchangedunchangedunchanged
Key Moments - 2 Insights
Why does the server reject some files even if they are uploaded?
Because the file's mimetype is not in the allowedTypes list, as shown in execution_table rows 5-8.
What happens if the file mimetype matches an allowed type?
The server accepts the file and sends a success response, as seen in execution_table rows 1-4.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution table, what response is sent when the file mimetype is 'image/png'?
A'Invalid file type'
BNo response sent
C'File accepted'
D'File rejected'
💡 Hint
Check execution_table row 4 where mimetype is 'image/png'.
At which step does the server decide to reject a file with mimetype 'application/pdf'?
AStep 2
BStep 6
CStep 4
DStep 8
💡 Hint
Look at execution_table rows 5-8 for 'application/pdf' mimetype.
If we add 'application/pdf' to allowedTypes, how would the response change for that file type?
AIt would be accepted and send 'File accepted'
BIt would still be rejected
CServer would crash
DNo response would be sent
💡 Hint
Refer to variable_tracker and execution_table rows 1-4 for allowed types.
Concept Snapshot
File type validation in Express:
- Extract file mimetype from upload
- Check mimetype against allowed list
- Reject with error if not allowed
- Accept and continue if allowed
- Always send response to client
Full Transcript
In Express, when a file is uploaded, the server reads the file's mimetype. It compares this mimetype to a list of allowed types. If the file type is not allowed, the server rejects the upload and sends an error message. If the file type is allowed, the server accepts the file and sends a success message. This process ensures only safe or expected file types are processed.