Eh that's not often a good idea. The service should only look at the file header for the mime type and decide based on that if it should even begin to upload.
Mime types can be spoofed and if you read the data blob's mime from its' type, then just an extension rename will fool it. But if you look at the magic numbers you're saving your server's resources and the uploader's time as it doesn't even try to move the file if the mime is not acceptable. No reason not to do it on the client-side first.
Mime types can be spoofed and if you read the data blob's mime from its' type, then just an extension rename will fool it. But if you look at the magic numbers you're saving your server's resources and the uploader's time as it doesn't even try to move the file if the mime is not acceptable. No reason not to do it on the client-side first.