We fixed a security issue in our platform which made it possible to abuse our asset system for hosting phishing websites. Previously a user could upload and process files with the mime type text/html. From now on the asset system will return an invalidContentType validation error when trying to process these files.

If you want to continue storing HTML files in Contentful, please use application/octet-stream as the contentType. Keep in mind that these files will not be rendered by browsers by default.

Existing customers that are using this functionality were white-listed to ensure continuous functionality of their integrations. If you want to be white-listed or have any other questions regarding this fix, please contact our support support@contentful.com.