Index: openacs-4/packages/general-comments/www/comment-add-3.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/general-comments/www/comment-add-3.tcl,v
diff -u -N -r1.13.2.1 -r1.13.2.2
--- openacs-4/packages/general-comments/www/comment-add-3.tcl	16 Nov 2019 15:19:04 -0000	1.13.2.1
+++ openacs-4/packages/general-comments/www/comment-add-3.tcl	16 Mar 2022 10:45:08 -0000	1.13.2.2
@@ -12,12 +12,19 @@
     object_id:naturalnum,notnull
     title:notnull
     content:html,notnull
-    comment_mime_type
+    comment_mime_type,notnull
     { context_id:naturalnum "$object_id" }
     { category "" }
     { return_url:localurl "" }
     { attach_p:boolean "f" }
-}    
+} -validate {
+    comment_mime_type_allowed -requires comment_mime_type:notnull {
+        if {$comment_mime_type ni {"text/plain" "text/html"}} {
+            ad_complain [_ acs-tcl.lt_name_is_not_valid [list name comment_mime_type]]
+            return
+        }
+    }
+}
 
 # This authentication actually is not necessary anymore due to the
 # fact that we already check for the permission afterwards, so it