You can configure Adobe Experience Manager (AEM) Assets to restrict the type of assets (files) that users can upload. This feature helps you eliminate the possibility of users uploading assets in an undesired format or uploading any malicious files. The
Day CQ DAM Asset Upload Restriction service enables you to control the type of files that users can upload. By default, AEM Assets allows users to upload assets of all MIME types. However, you can configure the service to restrict users to upload files of specific MIME types only.
To open the Configuration Manager web console, access
Open the Day CQ DAM Asset Upload Restriction service in Edit mode. By default, the Allow all MIME option is selected, which allows users to upload files of all MIME types.
To restrict users to upload files of certain MIME types only, unselect the llow all MIME option and specify allowed MIME types in the Allowed Asset MIMEs (regex) fields using regular expressions.
Click/tap Save to save the changes. If you specify MIME-strings for allowed MIME types, the upload operation fails for any asset with MIME type that doesn’t match the configured MIME strings in these fields.