In WordPress multisite there is a set of allowed file extensions that can be found at Settings>Network Settings in the “Upload File Types” field. You can add to this list but what isn’t necessarily apparent is that if the extension isn’t already part of the list here1 then you can add extensions all day and you’ll still get the security warning. To make a weird extension work . . . like .studio3 for instance you have to add the extension there and do a bit more. I tossed the following code in our network activated custom Rampages plugin. It’s just a hodgepodge of bits of code like this that I want applied across the site but that doesn’t seem like it deserves a plugin of its own. Take note that if you try to guess at the mime type and get it wrong, things won’t work. You’ll be able to select the file in the media uploader but it’ll still give you the security warning. I found this site for determining mime types. There may be other ways but it worked. 1 It is a generous list.