ASP.NET - Limit file upload available file types

Using RegularExpressionValidator may help you. No serverside code is necessary for the checking of the file extension. Check out this code

<asp:RegularExpressionValidator ID="uplValidator" runat="server" ControlToValidate="FileUpload1" ErrorMessage=".mp3, .mp4 & wma formats are allowed"  ValidationExpression="(.+\.([Mm][Pp][3])|.+\.([Mm][Pp][4])|.+\.([Ww][Mm][Aa]))"></asp:RegularExpressionValidator>

Remember all you have to do is now add a fileupload control with the id FileUpload1. Done. You can press F5 and see the effect

Use the accept attribute directly in the tag (it's not really supported by the control, but will be delivered to client anyway)

While you could list file extensions, e.g: ".xls,.xlsx", this is NOT recommended, and some browsers get confused by it.

It's better to use MIME types (browser will map them to appropriate extensions for you):

 Upload MP3: <asp:FileUpload runat="server" accept=""audio/mpeg" />

Use comma-separated list if needed, e.g.:

 Upload Excel files: <asp:FileUpload runat="server"                  accept="application/vnd.ms-excel,application/vnd.openxmlformats-officedocument.spreadsheetml.sheet" />

Supported browsers and more info: http://www.w3schools.com/tags/att_input_accept.asp

Common MIME types below (snapshot of http://www.sitepoint.com/web-foundations/mime-types-summary-list/ )

.au audio/basic.avi video/msvideo, video/avi, video/x-msvideo.bmp image/bmp.bz2 application/x-bzip2.css text/css.dtd application/xml-dtd.doc application/msword.docx application/vnd.openxmlformats-officedocument.wordprocessingml.document.dotx application/vnd.openxmlformats-officedocument.wordprocessingml.template.es application/ecmascript.exe application/octet-stream.gif image/gif.gz application/x-gzip.hqx application/mac-binhex40.html text/html.jar application/java-archive.jpg image/jpeg.js application/x-javascript.midi audio/x-midi.mp3 audio/mpeg.mpeg video/mpeg.ogg audio/vorbis, application/ogg.pdf application/pdf.pl application/x-perl.png image/png.potx application/vnd.openxmlformats-officedocument.presentationml.template.ppsx application/vnd.openxmlformats-officedocument.presentationml.slideshow.ppt application/vnd.ms-powerpointtd>.pptx application/vnd.openxmlformats-officedocument.presentationml.presentation.ps application/postscript.qt video/quicktime.ra audio/x-pn-realaudio, audio/vnd.rn-realaudio.ram audio/x-pn-realaudio, audio/vnd.rn-realaudio.rdf application/rdf, application/rdf+xml.rtf application/rtf.sgml text/sgml.sit application/x-stuffit.sldx application/vnd.openxmlformats-officedocument.presentationml.slide.svg image/svg+xml.swf application/x-shockwave-flash.tar.gz application/x-tar.tgz application/x-tar.tiff image/tiff.tsv text/tab-separated-values.txt text/plain.wav audio/wav, audio/x-wav.xlam application/vnd.ms-excel.addin.macroEnabled.12.xls application/vnd.ms-excel.xlsb application/vnd.ms-excel.sheet.binary.macroEnabled.12.xlsx application/vnd.openxmlformats-officedocument.spreadsheetml.sheet.xltx application/vnd.openxmlformats-officedocument.spreadsheetml.template.xml application/xml.zip application/zip, application/x-compressed-zip

As stated above, it's not possible out of the box.

The simpler solution that I've found: use a RegularExpressionValidator to check the file extension. No need for JavaScript or external libraries. Of course, it only checks the extension, not the file content (you must use server-side code and inspect the bytes), and does not change anything to the file list displayed in the folder browser.

<asp:RegularExpressionValidator ControlToValidate="FileUpload1" ValidationExpression="^.*\.(mp3|MP3)$" runat="server" />