You can configure Adobe Experience Manager Assets to restrict the type of assets that users can upload. It helps you:
- eliminate the possibility of users uploading assets in an undesired format
- restrict upload of any malicious files.
To restrict the upload, configure “Day CQ DAM Asset Upload Restriction” as described on link
Once the configuration is done, you can test the files by uploading them to AEM. For restricted files, you would receive error message similar to the image attached below:
What to do if AEM does not allow upload of an unrestricted asset?
This can be case where AEM is unable to determine dc:format property for the asset. For example: OOTB AEM is unable to determine dc:format for .pam files.
You can verify the same by uploading the asset after selecting “Allow all MIME” config in “Day CQ DAM Asset Upload Restriction“. The dc:format might not be available on jcr:content/metadata node.
To fix this, we need to enable “Day CQ DAM Mime Type Service“.
Once the Mime Type Service is enabled, perform following steps to verify the upload restrictions:
- Configure “Day CQ DAM Asset Upload Restriction“. Deselect “Allow all MIME”
- Upload the unrestricted asset, that you were unable to upload earlier.
You should now be able to upload the asset. In CRXDE, you would find dc:format property in the jcr:content/metadata node of the asset.
Note: MIME type detection using the Apache Tika library is a resource-intensive operation. Reference link
Adobe Experience Cloud Blog 