Introduction

Determining MIME type on Android is essential for opening files with correct apps, validating uploads, and applying security rules. There is no single perfect source of truth, so robust code combines multiple strategies: content resolver metadata, file extension mapping, and fallback inference. Relying on extension alone is fragile, while relying on provider metadata alone fails for incomplete content URIs.

Core Sections

From content URI via ContentResolver

For files delivered through providers, query MIME type directly.

fun mimeFromUri(context: Context, uri: Uri): String? {
    return context.contentResolver.getType(uri)
}

This is often the best result for SAF and media content.

From extension using MimeTypeMap

Useful for plain file paths or unknown providers.

1fun mimeFromExtension(path: String): String? {
2    val ext = MimeTypeMap.getFileExtensionFromUrl(path)
3    return MimeTypeMap.getSingleton().getMimeTypeFromExtension(ext.lowercase())
4}

If extension is missing or wrong, result may be null/incorrect.

Combined strategy with fallback

1fun resolveMime(context: Context, uri: Uri): String {
2    return context.contentResolver.getType(uri)
3        ?: mimeFromExtension(uri.toString())
4        ?: "application/octet-stream"
5}

Use conservative fallback for unknown binary content.

Validation before upload/share

For security-sensitive paths, verify MIME and optionally inspect headers/magic bytes on server side too.

Interop with intents

Set MIME explicitly when launching open/share intents.

intent.setDataAndType(uri, resolveMime(context, uri))

Common Pitfalls

• Trusting file extension only and accepting spoofed content types.
• Assuming ContentResolver.getType always returns non-null.
• Forgetting to lowercase extensions before MIME map lookup.
• Using overly broad MIME (*/*) and getting poor app chooser behavior.
• Skipping server-side MIME validation for uploaded files.

Implementation Playbook

To make this technique dependable in production, treat implementation as a repeatable operating pattern rather than a one-time code change. Start by defining a baseline with known inputs, expected outputs, and measurable latency or resource behavior. Baselines are essential because many failures emerge after environment drift, dependency upgrades, or infrastructure changes that do not touch your business logic directly. With a baseline, you can quickly identify whether a regression came from code, configuration, or platform behavior.

Next, build a compact validation matrix that exercises three categories: normal behavior, edge cases, and explicit failure modes. Keep tests deterministic and cheap enough to run in local development and CI. If your flow depends on external services, include contract fixtures or mocks for fast checks and reserve a smaller set of integration tests for environment verification. Pair correctness checks with observability: log correlation identifiers, branch decisions, and output status in structured form so incidents can be diagnosed without guesswork.

Before rollout, define operational controls up front. Specify timeout values, retry policy, fallback behavior, and rollback triggers. Roll out incrementally instead of changing multiple risk dimensions at once. A staged rollout reduces blast radius and makes it easier to attribute behavior changes to one cause. Capture final operating assumptions in a short runbook: prerequisites, compatibility constraints, known warning signs, and first-response actions. This prevents repeated rediscovery and improves handoff quality across teams.

Use this execution checklist every time you modify this part of the system:

11. Record baseline inputs, outputs, and runtime metrics
22. Run deterministic happy-path and edge-case tests
33. Validate failure handling and fallback behavior
44. Verify dependency and environment compatibility
55. Roll out incrementally with explicit rollback criteria
66. Update runbook notes with observed outcomes

Final Deployment Note

Before rollout, execute one final smoke test in an environment that matches production topology as closely as possible. Validate not only functional output but also observability signals such as logs, metrics, and error counters so silent regressions are visible immediately. If behavior differs from baseline, revert quickly and compare dependency versions, environment variables, and infrastructure assumptions before retrying. A short, repeatable pre-release check usually saves far more incident time than it costs during delivery.

Summary

On Android, MIME detection should be layered: provider metadata first, extension mapping second, safe fallback last. This approach improves compatibility and reduces security and UX problems when handling user files.