allowedMimes = $allowedMimes; } public function validate(string $attribute, mixed $value, Closure $fail): void { if (!$value instanceof UploadedFile) { $fail('The :attribute must be a valid file.'); return; } // Use finfo to detect actual MIME type (not just extension) $finfo = finfo_open(FILEINFO_MIME_TYPE); $mimeType = finfo_file($finfo, $value->getRealPath()); finfo_close($finfo); if (!in_array($mimeType, $this->allowedMimes)) { $fail("The :attribute has an unsupported file type ({$mimeType})."); } } }