A Multipurpose Internet Mail Extensions (MIME) type is a standard that indicates the nature and format of a document, file, or assortment of bytes. It is defined and standardized in IETF RFC 6838.
The Internet Assigned Numbers Authority (IANA) is responsible for all official MIME types, and you can find the most up-to-date and complete list at their Media Types page.
Syntax
General structure
type/subtype
A MIME type consists of a type and a subtype — two strings separated by
/. No whitespace is allowed. The type represents the category and can be a discrete or a multipart type. The subtype is specific to each type.
MIME types are case-insensitive but traditionally written in lowercase.
Discrete types
text/plain text/html text/javascript text/css image/jpeg image/png audio/mpeg audio/ogg audio/* video/mp4 application/* application/json application/ecmascript application/octet-stream …
Discrete types indicate the category of the document. They can be one of the following:
| Type | Description | Example of typical subtypes |
|---|---|---|
text | Any document that contains text and is theoretically human readable | text/plain, text/html, text/css, text/javascript, text/markdown |
image | Any kind of image. Videos are not included, though animated images (like animated GIF) are described with an image type. | image/gif, image/png, image/jpeg, image/bmp, image/webp, image/vnd.microsoft.icon |
audio | Any kind of audio file | audio/midi, audio/mpeg, audio/webm, audio/ogg, audio/wav |
video | Any kind of video file | video/webm, video/ogg |
application | Any kind of binary data, especially data that will be executed or interpreted somehow. | application/octet-stream, application/pkcs12, application/vnd.mspowerpoint, application/xhtml+xml, application/xml, application/pdf |
For text documents without a specific subtype,
text/plain should be used.
Similarly, for binary documents without a specific or known subtype,
application/octet-stream should be used.Multipart types
multipart/form-data multipart/byteranges
Multipart types indicate a category of document broken into pieces, often with different MIME types. They represent a composite document. With the exception of
multipart/form-data, used in the POST method of HTML Forms, and multipart/byteranges, used with 206Partial Content to send part of a document, HTTP doesn't handle multipart documents in a special way: the message is transmitted to the browser (which will likely show a "Save As" window if it doesn't know how to display the document.)Important MIME types for Web developers
application/octet-stream
This is the default for binary files. As it means unknown binary file, browsers usually don't execute it, or even ask if it should be executed. They treat it as if the
Content-Dispositionheader was set to attachment, and propose a "Save As" dialog.
text/plain
This is the default for textual files. Even if it really means unknown textual file, browsers assume they can display it.
text/css
CSS files used to style a Web page must be sent with
text/css. If a server doesn't recognize the .css suffix for CSS files, it may send them with text/plain or application/octet-stream MIME types. If so, they won't be recognized as CSS by most browsers and will be ignored.
text/html
All HTML content should be served with this type. Alternative MIME types for XHTML (like
application/xhtml+xml) are mostly useless nowadays.
text/javascript
The Scripting languages section of the HTML Standard states:
Servers should usetext/javascriptfor JavaScript resources. Servers should not use other JavaScript MIME types for JavaScript resources, and must not use non-JavaScript MIME types.
The other JavaScript MIME types that should not be used are defined in the MIME Sniffing Standard as follows:
application/javascriptapplication/ecmascriptapplication/x-ecmascriptapplication/x-javascripttext/ecmascripttext/javascript1.0text/javascript1.1text/javascript1.2text/javascript1.3text/javascript1.4text/javascript1.5text/jscripttext/livescripttext/x-ecmascripttext/x-javascript
Image types
Only a few image types are widely recognized enough to be safe for use in a Web page:
| MIME type | Image type |
|---|---|
image/gif | GIF images (lossless compression, superseded by PNG) |
image/jpeg | JPEG images |
image/png | PNG images |
image/svg+xml | SVG images (vector images) |
image/x-icon, image/vnd.microsoft.icon[1] | Windows icons |
There is a discussion to add WebP (
image/webp) to this list, but browser vendors are cautious in accepting it.
Other kinds of images can be found in Web documents. For example, many browsers support ICO images for favicons with the
image/x-icon MIME type.- Footnote 1
- Despite
image/vnd.microsoft.iconbeing registered with IANA, it is largely unsupported, andimage/x-iconis being used instead.
Audio and video types
Like images, HTML doesn't define supported types for the
<audio> and<video> elements, so only some can be used on the Web. Media formats supported by the HTML audio and video elements explains both the codecs and container formats which can be used.
The MIME type of audiovisual files mostly indicate the container formats. The most common ones on the Web are:
| MIME type | Audio or video type |
|---|---|
audio/waveaudio/wavaudio/x-wavaudio/x-pn-wav | An audio file in the WAVE container format. The PCM audio codec (WAVE codec "1") is often supported, but other codecs have limited support (if any). |
audio/webm | An audio file in the WebM container format. Vorbis and Opus are the most common audio codecs. |
video/webm | A video file, possibly with audio, in the WebM container format. VP8 and VP9 are the most common video codecs; Vorbis and Opus the most common audio codecs. |
audio/ogg | An audio file in the OGG container format. Vorbis is the most common audio codec used in such a container. |
video/ogg | A video file, possibly with audio, in the OGG container format. Theora is the usual video codec used within it; Vorbis is the usual audio codec. |
application/ogg | An audio or video file using the OGG container format. Theora is the usual video codec used within it; Vorbis is the usual audio codec. |
multipart/form-data
The
multipart/form-data type can be used when sending the values of a completed HTML Form from browser to server.
As a multipart document format, it consists of different parts, delimited by a boundary (a string starting with a double dash
--). Each part is its own entity with its own HTTP headers, Content-Disposition, and Content-Type for file uploading fields.Content-Type: multipart/form-data; boundary=aBoundaryString (other headers associated with the multipart document as a whole) --aBoundaryString Content-Disposition: form-data; name="myFile"; filename="img.jpg" Content-Type: image/jpeg (data) --aBoundaryString Content-Disposition: form-data; name="myField" (data) --aBoundaryString (more subparts) --aBoundaryString--
The following
<form>:<form action="http://localhost:8000/" method="post" enctype="multipart/form-data">
<label>Name: <input name="myTextField" value="Test"></label>
<label><input type="checkbox" name="myCheckBox"> Check</label>
<label>Upload file: <input type="file" name="myFile" value="test.txt"></label>
<button>Send the file</button>
</form>
will send this message:
POST / HTTP/1.1
Host: localhost:8000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:50.0) Gecko/20100101 Firefox/50.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=---------------------------8721656041911415653955004498
Content-Length: 465
-----------------------------8721656041911415653955004498
Content-Disposition: form-data; name="myTextField"
Test
-----------------------------8721656041911415653955004498
Content-Disposition: form-data; name="myCheckBox"
on
-----------------------------8721656041911415653955004498
Content-Disposition: form-data; name="myFile"; filename="test.txt"
Content-Type: text/plain
Simple file.
-----------------------------8721656041911415653955004498--
multipart/byteranges
The
multipart/byteranges MIME type is used to send partial responses to the browser.
When the
206 Partial Content status code is sent, this MIME type indicates that the document is composed of several parts, one for each of the requested ranges. Like other multipart types, the Content-Type uses a boundary to separate the pieces. Each piece has a Content-Type header with its actual type and a Content-Range of the range it represents.HTTP/1.1 206 Partial Content
Accept-Ranges: bytes
Content-Type: multipart/byteranges; boundary=3d6b6a416f9b5
Content-Length: 385
--3d6b6a416f9b5
Content-Type: text/html
Content-Range: bytes 100-200/1270
eta http-equiv="Content-type" content="text/html; charset=utf-8" />
<meta name="vieport" content
--3d6b6a416f9b5
Content-Type: text/html
Content-Range: bytes 300-400/1270
-color: #f0f0f2;
margin: 0;
padding: 0;
font-family: "Open Sans", "Helvetica
--3d6b6a416f9b5--Importance of setting the correct MIME type
Most web servers send unrecognized resources as the
application/octet-stream MIME type. For security reasons, most browsers do not allow setting a custom default action for such resources, forcing the user to save it to disk to use it.
Some common incorrect server configurations:
- RAR-compressed files. In this case, the ideal would be the true type of the original files; this is often impossible as .RAR files can hold several resources of different types. In this case, configure the server to send
application/x-rar-compressed. - Audio and video. Only resources with the correct MIME Type will be played in
<video>or<audio>elements. Be sure to use the correct type for audio and video. - Proprietary file types. Avoid using
application/octet-streamas most browsers do not allow defining a default behavior (like "Open in Word") for this generic MIME type. A specific type likeapplication/vnd.mspowerpointlets users open such files automatically in the presentation software of their choice.
MIME sniffing
In the absence of a MIME type, or in certain cases where browsers believe they are incorrect, browsers may perform MIME sniffing — guessing the correct MIME type by looking at the bytes of the resource.
Each browser performs MIME sniffing differently and under different circumstances. (For example, Safari will look at the file extension in the URL if the sent MIME type is unsuitable.) There are security concerns as some MIME types represent executable content. Servers can prevent MIME sniffing by sending the
X-Content-Type-Options header.