npm - @freightos/freightwind - Versions diffs - 2.1.3 → 2.1.4 - Mend

@freightos/freightwind 2.1.3 → 2.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/cjs/components/upload.js +321 -0
package/dist/cjs/index.js +5 -1
package/dist/cjs/lib/file-extensions.js +678 -0
package/dist/esm/components/upload.js +318 -0
package/dist/esm/index.js +2 -0
package/dist/esm/lib/file-extensions.js +671 -0
package/dist/types/components/chip.d.ts +1 -1
package/dist/types/components/upload.d.ts +66 -0
package/dist/types/index.d.ts +2 -0
package/dist/types/lib/file-extensions.d.ts +52 -0
package/package.json +3 -1

package/dist/cjs/lib/file-extensions.js ADDED Viewed

@@ -0,0 +1,678 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VALID_FILE_EXTENSIONS = exports.VALID_MIME_TYPES = void 0;
+exports.normalizeExtension = normalizeExtension;
+exports.hasValidExtension = hasValidExtension;
+exports.validateFileType = validateFileType;
+exports.getMimeTypesForExtension = getMimeTypesForExtension;
+/**
+ * MIME-type → extensions map sourced from the IANA / Apache / Nginx MIME database
+ * (https://github.com/jshttp/mime-db). Keys are canonical MIME types
+ * (e.g. `image/aces`); values are the extensions that legitimately produce that
+ * type, without a leading dot and in lowercase.
+ *
+ * Used to validate uploaded files: reject when the browser-reported `File.type`
+ * is unknown, **and** cross-check that the filename's extension matches the set
+ * registered for that type. This catches "extension spoofing" — e.g. a `.exe`
+ * renamed to `.jpg` will report `application/x-msdownload` (or empty), which
+ * does not list `jpg`, so it fails validation.
+ */
+exports.VALID_MIME_TYPES = {
+    // ── Documents ──────────────────────────────────────────────────────────────
+    'application/pdf': ['pdf'],
+    'application/msword': ['doc', 'dot'],
+    'application/vnd.openxmlformats-officedocument.wordprocessingml.document': ['docx'],
+    'application/vnd.ms-word.document.macroenabled.12': ['docm'],
+    'application/vnd.openxmlformats-officedocument.wordprocessingml.template': ['dotx'],
+    'application/vnd.ms-word.template.macroenabled.12': ['dotm'],
+    'application/vnd.oasis.opendocument.text': ['odt'],
+    'application/vnd.oasis.opendocument.text-template': ['ott'],
+    'application/vnd.oasis.opendocument.text-master': ['odm'],
+    'application/vnd.oasis.opendocument.text-web': ['oth'],
+    'application/rtf': ['rtf'],
+    'text/rtf': ['rtf'],
+    'text/plain': ['txt', 'text', 'conf', 'def', 'list', 'log', 'in', 'ini'],
+    'text/markdown': ['md', 'markdown'],
+    'text/x-markdown': ['mkd'],
+    'text/mdx': ['mdx'],
+    'application/x-tex': ['tex'],
+    'application/x-texinfo': ['texinfo', 'texi'],
+    'application/vnd.wordperfect': ['wpd'],
+    'application/vnd.ms-works': ['wps', 'wks', 'wcm', 'wdb'],
+    'application/vnd.apple.pages': ['pages'],
+    'application/x-iwork-pages-sffpages': ['pages'],
+    'application/vnd.google-apps.document': ['gdoc'],
+    'application/fdf': ['fdf'],
+    'application/vnd.fdf': ['fdf'],
+    'application/xfdf': ['xfdf'],
+    'application/vnd.adobe.xfdf': ['xfdf'],
+    'application/epub+zip': ['epub'],
+    'application/x-mobipocket-ebook': ['mobi', 'prc'],
+    'application/vnd.amazon.ebook': ['azw'],
+    'application/x-abiword': ['abw'],
+    'application/x-gnumeric': ['gnumeric'],
+    'text/richtext': ['rtx'],
+    'text/sgml': ['sgml', 'sgm'],
+    'text/troff': ['t', 'tr', 'roff', 'man', 'me', 'ms'],
+    'application/vnd.software602.filler.form+xml': ['fo'],
+    'text/shex': ['shex'],
+    'text/spdx': ['spdx'],
+    'text/turtle': ['ttl'],
+    'text/n3': ['n3'],
+    'text/vnd.sun.j2me.app-descriptor': ['jad'],
+    'text/x-org': ['org'],
+    // ── Spreadsheets ───────────────────────────────────────────────────────────
+    'application/vnd.ms-excel': ['xls', 'xlm', 'xla', 'xlc', 'xlt', 'xlw'],
+    'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet': ['xlsx'],
+    'application/vnd.ms-excel.sheet.macroenabled.12': ['xlsm'],
+    'application/vnd.ms-excel.sheet.binary.macroenabled.12': ['xlsb'],
+    'application/vnd.openxmlformats-officedocument.spreadsheetml.template': ['xltx'],
+    'application/vnd.ms-excel.template.macroenabled.12': ['xltm'],
+    'application/vnd.ms-excel.addin.macroenabled.12': ['xlam'],
+    'application/vnd.oasis.opendocument.spreadsheet': ['ods'],
+    'application/vnd.oasis.opendocument.spreadsheet-template': ['ots'],
+    'text/csv': ['csv'],
+    'text/tab-separated-values': ['tsv'],
+    'application/vnd.apple.numbers': ['numbers'],
+    'application/x-iwork-numbers-sffnumbers': ['numbers'],
+    'application/vnd.google-apps.spreadsheet': ['gsheet'],
+    // ── Presentations ──────────────────────────────────────────────────────────
+    'application/vnd.ms-powerpoint': ['ppt', 'pps', 'pot'],
+    'application/vnd.openxmlformats-officedocument.presentationml.presentation': ['pptx'],
+    'application/vnd.ms-powerpoint.presentation.macroenabled.12': ['pptm'],
+    'application/vnd.openxmlformats-officedocument.presentationml.slideshow': ['ppsx'],
+    'application/vnd.ms-powerpoint.slideshow.macroenabled.12': ['ppsm'],
+    'application/vnd.openxmlformats-officedocument.presentationml.template': ['potx'],
+    'application/vnd.ms-powerpoint.template.macroenabled.12': ['potm'],
+    'application/vnd.ms-powerpoint.addin.macroenabled.12': ['ppam'],
+    'application/vnd.openxmlformats-officedocument.presentationml.slide': ['sldx'],
+    'application/vnd.ms-powerpoint.slide.macroenabled.12': ['sldm'],
+    'application/vnd.oasis.opendocument.presentation': ['odp'],
+    'application/vnd.oasis.opendocument.presentation-template': ['otp'],
+    'application/vnd.apple.keynote': ['key'],
+    'application/x-iwork-keynote-sffkey': ['key'],
+    'application/vnd.google-apps.presentation': ['gslides'],
+    'application/vnd.google-apps.form': ['gform'],
+    'application/vnd.google-apps.drawing': ['gdraw'],
+    'application/vnd.google-apps.jam': ['gjam'],
+    'application/vnd.google-apps.map': ['gmap'],
+    'application/vnd.google-apps.script': ['gscript'],
+    'application/vnd.google-apps.site': ['gsite'],
+    // ── Images ─────────────────────────────────────────────────────────────────
+    'image/png': ['png'],
+    'image/jpeg': ['jpg', 'jpeg', 'jpe'],
+    'image/pjpeg': ['jfif'],
+    'image/gif': ['gif'],
+    'image/webp': ['webp'],
+    'image/avif': ['avif'],
+    'image/apng': ['apng'],
+    'image/bmp': ['bmp', 'dib'],
+    'image/x-ms-bmp': ['bmp'],
+    'image/tiff': ['tif', 'tiff'],
+    'image/svg+xml': ['svg', 'svgz'],
+    'image/x-icon': ['ico'],
+    'image/vnd.microsoft.icon': ['ico'],
+    'image/heic': ['heic'],
+    'image/heic-sequence': ['heics'],
+    'image/heif': ['heif'],
+    'image/heif-sequence': ['heifs'],
+    'image/cgm': ['cgm'],
+    'image/jp2': ['jp2', 'jpg2'],
+    'image/jpx': ['jpx', 'jpf'],
+    'image/jpm': ['jpm', 'jpgm'],
+    'image/jxl': ['jxl'],
+    'image/jxr': ['jxr'],
+    'image/jxra': ['jxra'],
+    'image/jxrs': ['jxrs'],
+    'image/jxs': ['jxs'],
+    'image/jxsc': ['jxsc'],
+    'image/jxsi': ['jxsi'],
+    'image/jxss': ['jxss'],
+    'image/jph': ['jph'],
+    'image/jphc': ['jhc'],
+    'image/hej2k': ['hej2'],
+    'image/jls': ['jls'],
+    'image/jaii': ['jaii'],
+    'image/jais': ['jais'],
+    'image/ktx': ['ktx'],
+    'image/ktx2': ['ktx2'],
+    'image/aces': ['exr'],
+    'image/avci': ['avci'],
+    'image/avcs': ['avcs'],
+    'image/dicom-rle': ['drle'],
+    'image/dpx': ['dpx'],
+    'image/fits': ['fits'],
+    'image/g3fax': ['g3'],
+    'image/ief': ['ief'],
+    'image/t38': ['t38'],
+    'image/tiff-fx': ['tfx'],
+    'image/emf': ['emf'],
+    'image/wmf': ['wmf'],
+    'image/vnd.adobe.photoshop': ['psd'],
+    'application/postscript': ['ai', 'eps', 'ps'],
+    'image/x-adobe-dng': ['dng'],
+    'image/prs.btif': ['btif', 'btf'],
+    'image/prs.pti': ['pti'],
+    'image/vnd.airzip.accelerator.azv': ['azv'],
+    'image/vnd.blockfact.facti': ['facti'],
+    'image/vnd.dece.graphic': ['uvi', 'uvvi', 'uvg', 'uvvg'],
+    'image/vnd.djvu': ['djvu', 'djv'],
+    'image/vnd.dvb.subtitle': ['sub'],
+    'image/vnd.dwg': ['dwg'],
+    'image/vnd.dxf': ['dxf'],
+    'image/vnd.fastbidsheet': ['fbs'],
+    'image/vnd.fpx': ['fpx'],
+    'image/vnd.fst': ['fst'],
+    'image/vnd.fujixerox.edmics-mmr': ['mmr'],
+    'image/vnd.fujixerox.edmics-rlc': ['rlc'],
+    'image/vnd.ms-dds': ['dds'],
+    'image/vnd.ms-modi': ['mdi'],
+    'image/vnd.ms-photo': ['wdp'],
+    'image/vnd.net-fpx': ['npx'],
+    'image/vnd.pco.b16': ['b16'],
+    'image/vnd.tencent.tap': ['tap'],
+    'image/vnd.valve.source.texture': ['vtf'],
+    'image/vnd.wap.wbmp': ['wbmp'],
+    'image/vnd.xiff': ['xif'],
+    'image/vnd.zbrush.pcx': ['pcx'],
+    'image/x-3ds': ['3ds'],
+    'image/x-cmu-raster': ['ras'],
+    'image/x-cmx': ['cmx'],
+    'image/x-freehand': ['fh', 'fhc', 'fh4', 'fh5', 'fh7'],
+    'image/x-jng': ['jng'],
+    'image/x-mrsid-image': ['sid'],
+    'image/sgi': ['sgi'],
+    'image/x-pcx': ['pcx'],
+    'image/x-pict': ['pic', 'pct'],
+    'image/x-portable-anymap': ['pnm'],
+    'image/x-portable-bitmap': ['pbm'],
+    'image/x-portable-graymap': ['pgm'],
+    'image/x-portable-pixmap': ['ppm'],
+    'image/x-rgb': ['rgb'],
+    'image/x-tga': ['tga'],
+    'image/x-xbitmap': ['xbm'],
+    'image/x-xpixmap': ['xpm'],
+    'image/x-xwindowdump': ['xwd'],
+    // ── Audio ──────────────────────────────────────────────────────────────────
+    'audio/mpeg': ['mpga', 'mp2', 'mp2a', 'mp3', 'm2a', 'm3a'],
+    'audio/mp3': ['mp3'],
+    'audio/wav': ['wav'],
+    'audio/wave': ['wav'],
+    'audio/x-wav': ['wav'],
+    'audio/ogg': ['oga', 'ogg', 'spx', 'opus'],
+    'audio/mp4': ['m4a', 'mp4a', 'm4b'],
+    'audio/x-m4a': ['m4a'],
+    'audio/aac': ['adts', 'aac'],
+    'audio/x-aac': ['aac'],
+    'audio/x-aiff': ['aif', 'aiff', 'aifc'],
+    'audio/x-flac': ['flac'],
+    'audio/x-ms-wma': ['wma'],
+    'audio/amr': ['amr'],
+    'audio/midi': ['mid', 'midi', 'kar', 'rmi'],
+    'audio/matroska': ['mka'],
+    'audio/x-matroska': ['mka'],
+    'audio/mobile-xmf': ['mxmf'],
+    'audio/basic': ['au', 'snd'],
+    'audio/x-pn-realaudio': ['ram', 'ra'],
+    'audio/x-realaudio': ['ra'],
+    'audio/x-pn-realaudio-plugin': ['rmp'],
+    'audio/webm': ['weba'],
+    'audio/x-caf': ['caf'],
+    'audio/s3m': ['s3m'],
+    'audio/silk': ['sil'],
+    'audio/xm': ['xm'],
+    'audio/x-ms-wax': ['wax'],
+    'audio/x-mpegurl': ['m3u'],
+    'audio/adpcm': ['adp'],
+    'audio/vnd.dra': ['dra'],
+    'audio/vnd.dts': ['dts'],
+    'audio/vnd.dts.hd': ['dtshd'],
+    'audio/vnd.lucent.voice': ['lvp'],
+    'audio/vnd.ms-playready.media.pya': ['pya'],
+    'audio/vnd.digital-winds': ['eol'],
+    'audio/vnd.rip': ['rip'],
+    'audio/vnd.nuera.ecelp4800': ['ecelp4800'],
+    'audio/vnd.nuera.ecelp7470': ['ecelp7470'],
+    'audio/vnd.nuera.ecelp9600': ['ecelp9600'],
+    // ── Video ──────────────────────────────────────────────────────────────────
+    'video/mp4': ['mp4', 'mp4v', 'mpg4'],
+    'video/mpeg': ['mpeg', 'mpg', 'mpe', 'm1v', 'm2v'],
+    'video/x-m4v': ['m4v'],
+    'video/quicktime': ['qt', 'mov'],
+    'video/x-msvideo': ['avi'],
+    'video/x-matroska': ['mkv', 'mk3d', 'mks'],
+    'video/matroska': ['mkv'],
+    'video/matroska-3d': ['mk3d'],
+    'video/webm': ['webm'],
+    'video/x-flv': ['flv'],
+    'video/x-f4v': ['f4v'],
+    'video/x-ms-wmv': ['wmv'],
+    'video/x-ms-wm': ['wm'],
+    'video/x-ms-wmx': ['wmx'],
+    'video/x-ms-wvx': ['wvx'],
+    'video/x-ms-asf': ['asf', 'asx'],
+    'video/x-ms-vob': ['vob'],
+    'video/mp2t': ['ts', 'm2t', 'm2ts', 'mts'],
+    'video/ogg': ['ogv'],
+    'video/3gpp': ['3gp', '3gpp'],
+    'video/3gpp2': ['3g2'],
+    'video/vnd.mpegurl': ['mxu', 'm4u'],
+    'video/x-mng': ['mng'],
+    'video/x-fli': ['fli'],
+    'video/x-sgi-movie': ['movie'],
+    'video/x-smv': ['smv'],
+    'video/iso.segment': ['m4s'],
+    'video/mj2': ['mj2', 'mjp2'],
+    'video/h261': ['h261'],
+    'video/h263': ['h263'],
+    'video/h264': ['h264'],
+    'video/jpeg': ['jpgv'],
+    'video/jpm': ['jpm', 'jpgm'],
+    'video/vnd.dvb.file': ['dvb'],
+    'video/vnd.fvt': ['fvt'],
+    'video/vnd.vivo': ['viv'],
+    'video/vnd.ms-playready.media.pyv': ['pyv'],
+    'video/vnd.dece.hd': ['uvh', 'uvvh'],
+    'video/vnd.dece.mobile': ['uvm', 'uvvm'],
+    'video/vnd.dece.pd': ['uvp', 'uvvp'],
+    'video/vnd.dece.sd': ['uvs', 'uvvs'],
+    'video/vnd.dece.video': ['uvv', 'uvvv'],
+    'video/vnd.uvvu.mp4': ['uvu', 'uvvu'],
+    // ── Archives & Compression ─────────────────────────────────────────────────
+    'application/zip': ['zip'],
+    'application/x-zip-compressed': ['zip'],
+    'application/vnd.rar': ['rar'],
+    'application/x-rar-compressed': ['rar'],
+    'application/x-compressed': ['rar'],
+    'application/gzip': ['gz'],
+    'application/x-bzip': ['bz'],
+    'application/x-bzip2': ['bz2', 'boz'],
+    'application/x-7z-compressed': ['7z'],
+    'application/x-tar': ['tar'],
+    'application/x-xz': ['xz'],
+    'application/x-lzh-compressed': ['lzh', 'lha'],
+    'application/vnd.ms-cab-compressed': ['cab'],
+    'application/x-arj': ['arj'],
+    'application/x-freearc': ['arc'],
+    'application/x-ace-compressed': ['ace'],
+    'application/x-stuffit': ['sit'],
+    'application/x-stuffitx': ['sitx'],
+    'application/x-sea': ['sea'],
+    'application/x-shar': ['shar'],
+    'application/x-iso9660-image': ['iso'],
+    'application/x-apple-diskimage': ['dmg'],
+    'application/x-cpio': ['cpio'],
+    'application/vnd.android.package-archive': ['apk'],
+    'application/java-archive': ['jar', 'war', 'ear'],
+    'application/x-debian-package': ['deb', 'udeb'],
+    'application/x-redhat-package-manager': ['rpm'],
+    'application/x-msdownload': ['exe', 'dll', 'com', 'bat', 'msi'],
+    'application/octet-stream': ['bin', 'dms', 'lrf', 'mar', 'so', 'dist', 'distz', 'pkg', 'bpk', 'dump', 'elc', 'deploy', 'exe', 'dll', 'deb', 'dmg', 'iso', 'img', 'msi', 'msp', 'msm', 'buffer'],
+    'application/msix': ['msix'],
+    'application/msixbundle': ['msixbundle'],
+    'application/appx': ['appx'],
+    'application/appxbundle': ['appxbundle'],
+    'application/appinstaller': ['appinstaller'],
+    'application/x-chrome-extension': ['crx'],
+    'application/x-xpinstall': ['xpi'],
+    'application/zip+dotlottie': ['lottie'],
+    'application/x-cbr': ['cbr', 'cba', 'cbt', 'cbz', 'cb7'],
+    'application/x-gca-compressed': ['gca'],
+    'application/x-dgc-compressed': ['dgc'],
+    'application/x-virtualbox-ova': ['ova'],
+    'application/x-virtualbox-vbox': ['vbox'],
+    'application/x-virtualbox-vbox-extpack': ['vbox-extpack'],
+    'application/x-sv4cpio': ['sv4cpio'],
+    'application/x-sv4crc': ['sv4crc'],
+    'application/x-ustar': ['ustar'],
+    'application/x-gtar': ['gtar'],
+    'application/x-cfs-compressed': ['cfs'],
+    'application/x-nzb': ['nzb'],
+    'application/x-bittorrent': ['torrent'],
+    'application/vnd.ms-pki.stl': ['stl'],
+    // ── Code & Markup ──────────────────────────────────────────────────────────
+    'application/javascript': ['js'],
+    'text/javascript': ['js', 'mjs'],
+    'application/node': ['cjs'],
+    'text/jsx': ['jsx'],
+    'application/json': ['json', 'map'],
+    'application/json5': ['json5'],
+    'application/ld+json': ['jsonld'],
+    'application/jsonml+json': ['jsonml'],
+    'application/wasm': ['wasm'],
+    'text/html': ['html', 'htm', 'shtml'],
+    'application/xhtml+xml': ['xhtml', 'xht'],
+    'text/css': ['css'],
+    'text/less': ['less'],
+    'text/x-sass': ['sass'],
+    'text/x-scss': ['scss'],
+    'text/stylus': ['stylus', 'styl'],
+    'application/xml': ['xml', 'xsl', 'xsd', 'rng'],
+    'text/xml': ['xml'],
+    'application/xslt+xml': ['xsl', 'xslt'],
+    'application/xml-dtd': ['dtd'],
+    'text/x-c': ['c', 'cc', 'cxx', 'cpp', 'h', 'hh', 'dic'],
+    'text/x-java-source': ['java'],
+    'application/java-vm': ['class'],
+    'text/x-php': ['php'],
+    'application/x-httpd-php': ['php'],
+    'text/x-pascal': ['p', 'pas'],
+    'text/x-fortran': ['f', 'for', 'f77', 'f90'],
+    'text/x-asm': ['s', 'asm'],
+    'application/x-perl': ['pl', 'pm'],
+    'application/x-sh': ['sh'],
+    'application/x-csh': ['csh'],
+    'application/x-tcl': ['tcl', 'tk'],
+    'application/x-lua-bytecode': ['luac'],
+    'text/x-lua': ['lua'],
+    'application/x-sql': ['sql'],
+    'application/sql': ['sql'],
+    'application/dart': ['dart'],
+    'application/vnd.dart': ['dart'],
+    'text/coffeescript': ['coffee', 'litcoffee'],
+    'text/jade': ['jade'],
+    'text/x-handlebars-template': ['hbs'],
+    'text/x-processing': ['pde'],
+    'text/mathml': ['mml'],
+    'application/mathml+xml': ['mathml'],
+    'application/yaml': ['yaml', 'yml'],
+    'text/yaml': ['yaml', 'yml'],
+    'application/toml': ['toml'],
+    'text/x-component': ['htc'],
+    'text/x-nfo': ['nfo'],
+    'text/x-opml': ['opml'],
+    'text/uri-list': ['uri', 'uris', 'urls'],
+    'text/x-suse-ymp': ['ymp'],
+    'text/x-uuencode': ['uu'],
+    'text/vnd.curl': ['curl'],
+    'text/vnd.curl.dcurl': ['dcurl'],
+    'text/vnd.curl.mcurl': ['mcurl'],
+    'text/vnd.curl.scurl': ['scurl'],
+    'text/x-sfv': ['sfv'],
+    'text/x-setext': ['etx'],
+    'text/wgsl': ['wgsl'],
+    'application/x-ipynb+json': ['ipynb'],
+    'text/prs.lines.tag': ['dsc'],
+    'text/vnd.fly': ['fly'],
+    'text/vnd.fmi.flexstor': ['flx'],
+    'text/vnd.graphviz': ['gv'],
+    'text/vnd.in3d.3dml': ['3dml'],
+    'text/vnd.in3d.spot': ['spot'],
+    'text/vnd.wap.wml': ['wml'],
+    'text/vnd.wap.wmlscript': ['wmls'],
+    // ── Fonts ──────────────────────────────────────────────────────────────────
+    'font/ttf': ['ttf'],
+    'font/otf': ['otf'],
+    'font/collection': ['ttc'],
+    'font/woff': ['woff'],
+    'font/woff2': ['woff2'],
+    'application/vnd.ms-fontobject': ['eot'],
+    'application/x-font-type1': ['pfa', 'pfb', 'pfm', 'afm'],
+    'application/x-font-bdf': ['bdf'],
+    'application/x-font-ghostscript': ['gsf'],
+    'application/x-font-linux-psf': ['psf'],
+    'application/x-font-pcf': ['pcf'],
+    'application/x-font-snf': ['snf'],
+    // ── Data & Database ────────────────────────────────────────────────────────
+    'application/vnd.sqlite3': ['sqlite', 'sqlite3'],
+    'application/x-msaccess': ['mdb'],
+    'application/vnd.dbf': ['dbf'],
+    'application/vnd.apache.parquet': ['parquet'],
+    'application/x-netcdf': ['nc', 'cdf'],
+    'application/x-hdf': ['hdf'],
+    // ── Office (other) ─────────────────────────────────────────────────────────
+    'application/onenote': ['onetoc', 'onetoc2', 'onetmp', 'onepkg', 'one', 'onea'],
+    'application/x-mspublisher': ['pub'],
+    'application/vnd.ms-project': ['mpp', 'mpt'],
+    'application/vnd.visio': ['vsd', 'vst', 'vss', 'vsw', 'vsdx', 'vtx'],
+    'application/vnd.ms-visio.viewer': ['vdx'],
+    'application/vnd.ms-officetheme': ['thmx'],
+    'application/vnd.ms-htmlhelp': ['chm'],
+    'application/x-msmoney': ['mny'],
+    'application/vnd.ms-wpl': ['wpl'],
+    'application/vnd.ms-xpsdocument': ['xps'],
+    'application/x-msbinder': ['obd'],
+    'application/x-mscardfile': ['crd'],
+    'application/x-msclip': ['clp'],
+    'application/x-msschedule': ['scd'],
+    'application/x-msterminal': ['trm'],
+    'application/x-mswrite': ['wri'],
+    'application/winhlp': ['hlp'],
+    // ── CAD & 3D ───────────────────────────────────────────────────────────────
+    'model/vnd.dwf': ['dwf'],
+    'model/step': ['step', 'stp', 'stpnc', 'p21', '210'],
+    'model/step+xml': ['stpx'],
+    'model/step+zip': ['stpz'],
+    'model/step-xml+zip': ['stpxz'],
+    'model/stl': ['stl'],
+    'model/iges': ['iges', 'igs'],
+    'model/3mf': ['3mf'],
+    'model/obj': ['obj'],
+    'model/mtl': ['mtl'],
+    'application/vnd.autodesk.fbx': ['fbx'],
+    'model/gltf+json': ['gltf'],
+    'model/gltf-binary': ['glb'],
+    'model/vnd.usdz+zip': ['usdz'],
+    'model/vnd.usda': ['usda'],
+    'application/x-blender': ['blend'],
+    'model/vnd.collada+xml': ['dae'],
+    'model/x3d+xml': ['x3d', 'x3dz'],
+    'model/x3d+binary': ['x3db', 'x3dbz'],
+    'model/x3d+vrml': ['x3dv', 'x3dvz'],
+    'model/vrml': ['wrl', 'vrml'],
+    'model/mesh': ['msh', 'mesh', 'silo'],
+    'model/u3d': ['u3d'],
+    'model/jt': ['jt'],
+    'model/prc': ['prc'],
+    'model/vnd.bary': ['bary'],
+    'model/vnd.cld': ['cld'],
+    'model/vnd.gdl': ['gdl'],
+    'model/vnd.gtw': ['gtw'],
+    'model/vnd.opengex': ['ogex'],
+    'model/vnd.parasolid.transmit.binary': ['x_b'],
+    'model/vnd.parasolid.transmit.text': ['x_t'],
+    'model/vnd.pytha.pyox': ['pyo', 'pyox'],
+    'model/vnd.sap.vds': ['vds'],
+    'model/vnd.valve.source.compiled-map': ['bsp'],
+    'model/vnd.vtu': ['vtu'],
+    // ── Calendar / Contact / Mail ──────────────────────────────────────────────
+    'text/calendar': ['ics', 'ifb'],
+    'text/x-vcalendar': ['vcs'],
+    'text/vcard': ['vcard'],
+    'text/x-vcard': ['vcf'],
+    'message/rfc822': ['eml', 'mime', 'mht', 'mhtml'],
+    'application/vnd.ms-outlook': ['msg'],
+    'application/mbox': ['mbox'],
+    'message/global': ['u8msg'],
+    'message/global-delivery-status': ['u8dsn'],
+    'message/global-disposition-notification': ['u8mdn'],
+    'message/global-headers': ['u8hdr'],
+    'message/vnd.wfa.wsc': ['wsc'],
+    'text/vnd.familysearch.gedcom': ['ged'],
+    // ── Certificates / Keys / Crypto ───────────────────────────────────────────
+    'application/x-x509-ca-cert': ['der', 'crt', 'pem'],
+    'application/x-pkcs12': ['p12', 'pfx'],
+    'application/x-pkcs7-certificates': ['p7b', 'spc'],
+    'application/pkcs7-mime': ['p7m', 'p7c'],
+    'application/x-pkcs7-certreqresp': ['p7r'],
+    'application/pkcs7-signature': ['p7s'],
+    'application/pkcs8': ['p8'],
+    'application/pkcs10': ['p10'],
+    'application/pkix-cert': ['cer'],
+    'application/pkix-crl': ['crl'],
+    'application/pkix-pkipath': ['pkipath'],
+    'application/pkixcmp': ['pki'],
+    'application/pgp-encrypted': ['pgp'],
+    'application/pgp-keys': ['asc'],
+    'application/pgp-signature': ['sig', 'asc'],
+    'application/x-keepass2': ['kdbx'],
+    // ── Subtitles / Captions ───────────────────────────────────────────────────
+    'application/x-subrip': ['srt'],
+    'text/vtt': ['vtt'],
+    'text/vnd.dvb.subtitle': ['sub'],
+    // ── Disk Images / Virtualization ───────────────────────────────────────────
+    'application/x-virtualbox-vhd': ['vhd'],
+    'application/x-virtualbox-vmdk': ['vmdk'],
+    'application/x-virtualbox-vdi': ['vdi'],
+    'application/x-virtualbox-ovf': ['ovf'],
+    'application/x-virtualbox-hdd': ['hdd'],
+    // ── GIS / Geospatial ───────────────────────────────────────────────────────
+    'application/geo+json': ['geojson'],
+    'application/vnd.google-earth.kml+xml': ['kml'],
+    'application/vnd.google-earth.kmz': ['kmz'],
+    'application/gpx+xml': ['gpx'],
+    'application/gml+xml': ['gml'],
+    'application/vnd.mapbox-vector-tile': ['mvt'],
+    'application/vnd.openstreetmap.data+xml': ['osm'],
+    // ── Web / Manifests / Feeds / RDF ──────────────────────────────────────────
+    'application/manifest+json': ['webmanifest'],
+    'application/x-web-app-manifest+json': ['webapp'],
+    'application/atom+xml': ['atom'],
+    'application/atomcat+xml': ['atomcat'],
+    'application/atomdeleted+xml': ['atomdeleted'],
+    'application/atomsvc+xml': ['atomsvc'],
+    'application/rss+xml': ['rss'],
+    'application/rsd+xml': ['rsd'],
+    'application/rdf+xml': ['rdf', 'owl'],
+    'application/wsdl+xml': ['wsdl'],
+    'application/wspolicy+xml': ['wspolicy'],
+    'application/widget': ['wgt'],
+    'application/yang': ['yang'],
+    'application/yin+xml': ['yin'],
+    'application/xv+xml': ['mxml', 'xhvml', 'xvml', 'xvm'],
+    'application/xaml+xml': ['xaml'],
+    'application/xproc+xml': ['xpl'],
+    'application/xop+xml': ['xop'],
+    'application/xenc+xml': ['xenc'],
+    'application/xliff+xml': ['xlf'],
+    'application/xspf+xml': ['xspf'],
+    'application/vnd.xfdl': ['xfdl'],
+    'application/vnd.xara': ['xar'],
+    'application/voicexml+xml': ['vxml'],
+    'application/watcherinfo+xml': ['wif'],
+    // ── Installers / Specialty containers ──────────────────────────────────────
+    'application/x-shockwave-flash': ['swf'],
+    'application/x-silverlight-app': ['xap'],
+    'application/x-ms-application': ['application'],
+    'application/x-ms-shortcut': ['lnk'],
+    'application/x-java-jnlp-file': ['jnlp'],
+    'application/x-install-instructions': ['install'],
+    'application/x-makeself': ['run'],
+    'application/x-java-archive-diff': ['jardiff'],
+    'application/x-mie': ['mie'],
+    'application/vnd.apple.installer+xml': ['mpkg'],
+    'application/vnd.apple.pkpass': ['pkpass'],
+    'application/vnd.apple.mpegurl': ['m3u8'],
+    // ── Z-machine / Game data ──────────────────────────────────────────────────
+    'application/x-zmachine': ['z1', 'z2', 'z3', 'z4', 'z5', 'z6', 'z7', 'z8'],
+    'application/x-tads': ['gam'],
+    'application/x-glulx': ['ulx'],
+    'application/x-doom': ['wad'],
+    'application/x-conference': ['nsc'],
+    'application/x-cdlink': ['vcd'],
+    'application/x-chess-pgn': ['pgn'],
+    'application/x-chat': ['chat'],
+    'application/x-cocoa': ['cco'],
+    // ── Adobe AIR / Misc app packages ──────────────────────────────────────────
+    'application/vnd.adobe.air-application-installer-package+zip': ['air'],
+    'application/vnd.adobe.fxp': ['fxp', 'fxpl'],
+    'application/vnd.adobe.xdp+xml': ['xdp'],
+    'application/vnd.adobe.formscentral.fcdt': ['fcdt'],
+    // ── Other (preserved from prior list) ──────────────────────────────────────
+    'application/x-research-info-systems': ['ris'],
+    'application/x-tex-tfm': ['tfm'],
+    'application/x-t3vm-image': ['t3'],
+    'application/x-eva': ['eva'],
+    'application/x-envoy': ['evy'],
+    'application/x-dvi': ['dvi'],
+    'application/x-dtbresource+xml': ['res'],
+    'application/x-dtbook+xml': ['dtb'],
+    'application/x-dtbncx+xml': ['ncx'],
+    'application/x-director': ['dir', 'dcr', 'dxr', 'cst', 'cct', 'cxt', 'w3d', 'fgd', 'swa'],
+    'application/x-bcpio': ['bcpio'],
+    'application/x-blorb': ['blb', 'blorb'],
+    'application/x-authorware-bin': ['aab', 'x32', 'u32', 'vox'],
+    'application/x-authorware-map': ['aam'],
+    'application/x-authorware-seg': ['aas'],
+    'application/x-futuresplash': ['spl'],
+    'application/x-gramps-xml': ['gramps'],
+    'application/x-wais-source': ['src'],
+    'application/x-pilot': ['prc', 'pdb'],
+    'application/x-pki-message': [],
+    'application/x-ns-proxy-autoconfig': ['pac'],
+    'application/x-xfig': ['fig'],
+    'application/x-msmediaview': ['mvb', 'm13', 'm14'],
+    'application/x-ms-wmd': ['wmd'],
+    'application/x-ms-wmz': ['wmz'],
+    'application/x-ms-xbap': ['xbap'],
+    'application/x-msmetafile': ['wmf', 'wmz', 'emf', 'emz'],
+    'x-conference/x-cooltalk': ['ice'],
+};
+/**
+ * Flat set of every extension known to {@link VALID_MIME_TYPES}, used by the
+ * extension-only fast path ({@link hasValidExtension}). Derived once at module
+ * load — kept in sync with the map automatically.
+ */
+exports.VALID_FILE_EXTENSIONS = new Set(Object.values(exports.VALID_MIME_TYPES).flat());
+/**
+ * Normalize a filename or raw extension to a lowercase no-dot extension token.
+ * Returns null if no extension is present.
+ */
+function normalizeExtension(input) {
+    const dot = input.lastIndexOf('.');
+    if (dot < 0 || dot === input.length - 1)
+        return null;
+    return input.slice(dot + 1).toLowerCase();
+}
+/**
+ * Returns true when the given filename ends in a recognized extension.
+ * Files with no extension, or extensions that aren't in {@link VALID_FILE_EXTENSIONS},
+ * are rejected as "fake" / nonsense.
+ *
+ * Prefer {@link validateFileType} when a `File` object is available — it catches
+ * extension spoofing that this function cannot.
+ */
+function hasValidExtension(filename) {
+    const ext = normalizeExtension(filename);
+    if (!ext)
+        return false;
+    return exports.VALID_FILE_EXTENSIONS.has(ext);
+}
+/**
+ * Strict file validation: the browser-reported MIME type must be known, AND the
+ * filename's extension must be one of the extensions registered for that type.
+ *
+ * Rejects:
+ *  - files with no extension
+ *  - files whose `type` is empty or unknown to {@link VALID_MIME_TYPES}
+ *  - files whose extension does not match the registered list for `file.type`
+ *    (extension-spoofing guard, e.g. `.exe` renamed to `.jpg`)
+ *
+ * `file.type` comparison is case-insensitive; some browsers lowercase but a few
+ * legacy ones don't.
+ */
+function validateFileType(file) {
+    const mimeType = file.type.toLowerCase();
+    if (!mimeType)
+        return false;
+    const allowedExtensions = exports.VALID_MIME_TYPES[mimeType];
+    if (!allowedExtensions)
+        return false;
+    const ext = normalizeExtension(file.name);
+    if (!ext)
+        return false;
+    return allowedExtensions.includes(ext);
+}
+/**
+ * Look up every MIME type that legitimately produces the given extension.
+ * Useful for `accept`-attribute construction or reverse diagnostics.
+ */
+function getMimeTypesForExtension(extension) {
+    const ext = extension.startsWith('.') ? extension.slice(1).toLowerCase() : extension.toLowerCase();
+    const matches = [];
+    for (const [mimeType, exts] of Object.entries(exports.VALID_MIME_TYPES)) {
+        if (exts.includes(ext))
+            matches.push(mimeType);
+    }
+    return matches;
+}