Specify a MIME Type for Blob Objects in Lightning Web Security
Lightning Web Security (LWS) requires you to set the MIME type when you create Blob objects. LWS permits some MIME types, sanitizes some MIME types, and blocks the rest.
Set the MIME type explicitly when you create a Blob object.
If you don’t set the type, the object isn’t created with the expected content.
LWS allows these MIME types, the same as Lightning Locker.
application/octet-stream
— Default value for binary filesapplication/json
— JSON formatapplication/pdf
— Portable Document Format (.pdf)video/
— Allvideo/*
mime typesaudio/
— Allaudio/*
mime typesimage/
— Allimage/*
mime typesfont/
— Allfont/*
mime typestext/plain
— Text (.txt)text/markdown
— Markdown (.md)application/zip
— Zip archive (.zip)application/x-bzip
— Bzip archive (.bz)application/x-rar-compressed
— RAR archive (.rar)application/x-tar
— Tape archive (.tar)
LWS sanitizes text/html
, image/svg+xml
, and text/xml
MIME types. These types are permitted but LWS removes potentially malicious code.
Any other types are blocked with the error message Unsupported MIME type
.
To send binary files that aren’t explicitly permitted, specify the MIME type as application/octet-stream
.