Allow only upload specific file type

[newyork58]

The issue is more related to the R2 itself, but perhaps someone has advice on how to validate the file type in a secure environment?

Passing ContentType in PutObjectCommand doesn't work.

Currently, anyone from the client side can send a malware file with any header, and it will be correctly uploaded via presigned url.

At the moment, presigned URLs don't support POST methods, and R2 doesn't have Bucket Policies.

[anuveyatsu]

@relacja I believe the only way you can implement this is to add a logic in the code that will perform the required checks. If you want to do a simple file type check you could implement it somewhere before Uppy starts getting presigned url from r2.