diff --git a/src/plone/restapi/services/aliases/add.py b/src/plone/restapi/services/aliases/add.py
index 0dd59166c..e54ccc0c6 100644
--- a/src/plone/restapi/services/aliases/add.py
+++ b/src/plone/restapi/services/aliases/add.py
@@ -94,11 +94,16 @@ def _reply_csv(self):
         form = self.request.form
         if not form.get("file"):
             raise BadRequest("No file uploaded")
+
+        file = form["file"]
+
+        if file.headers.get("Content-Type") not in ("text/csv", "application/csv"):
+            raise BadRequest("Uploaded file is not a valid CSV file")
+
         controlpanel = RedirectsControlPanel(self.context, self.request)
         storage = getUtility(IRedirectionStorage)
         status = IStatusMessage(self.request)
         portal = getSite()
-        file = form["file"]
         controlpanel.upload(file, portal, storage, status)
         file.close()