CloudSOC DLP Policy ZIP Import Error: “Invalid file type”

1. Symptom

When uploading a DLP Policy ZIP exported from Enforce to CloudSOC (Bulk Import), the upload is immediately rejected with the message:

Invalid file type, allowed file types: text/xml,application/zip

No upload request is sent to the backend; the validation fails client-side in the browser.

2. Environment

3. Likely Cause

The CloudSOC frontend strictly checks the MIME type of the uploaded file.
Some browsers (especially Chrome on Windows) detect ZIP files as
application/x-zip-compressed or leave the MIME type empty (""),
which does not match the frontend whitelist (text/xml, application/zip).

<sym-fileupload name="profileUpload" accept="text/xml,application/zip" maxfilesize="1000000000">
   <div class="sym-fileUpload ui-fileupload-choose">
      <input pinputtext="" type="text" size="30" id="" placeholder="" class="ui-inputtext ui-inputtextlabel ui-state-default ui-widget">
      <sym-button icon="icon__file-upload" styleclass="ui-button-secondary">
         <button class="ui-button-secondary ui-button ui-widget ui-state-default ui-button-icon-only ui-corner-all">
         </button>
      </sym-button>
      <input type="file" name="profileUpload" accept="text/xml,application/zip" title="No file chosen">
   </div>
</sym-fileupload>

As a result, the upload is blocked before any network request is sent.

4. Temporary Workaround

• Open the CloudSOC Protect → DLP Policies page.
• Open the browser console (press F12, then select the Console tab).
• Paste and execute the following command:

Object.defineProperty(File.prototype, 'type', {
  get(){ return 'application/zip'; }
});

• Select your ZIP file and upload it.

Processing and notification may take some time, but the import eventually completes successfully.

The command temporarily overrides the built-in type property of all File objects in the browser.
Normally, when a file is selected, file.type is automatically set by the browser (e.g., application/x-zip-compressed or empty). This command forces every file’s type to always return "application/zip".

As a result, the CloudSOC frontend validation — which only allows "application/zip" — will accept the ZIP file and let the upload proceed.

The change only affects the current browser tab and lasts until the page is refreshed.

5. Traffic Analysis

From subsequent network capture, the actual multipart upload request contained:

------WebKitFormBoundaryAmHNhmNU312Xs023
Content-Disposition: form-data; name="file"; filename="EC2AMAZ-EVG712K_policies_2025-10-29T0157.zip"
Content-Type: application/x-zip-compressed

------WebKitFormBoundaryAmHNhmNU312Xs023--

This confirms that Chrome sends ZIP files as Content-Type: application/x-zip-compressed,
which the CloudSOC frontend currently does not recognize as valid.
Hence, the file is incorrectly rejected even though it is a legitimate ZIP.