Changes


WebAppSec/Secure Coding Guidelines

862 bytes added, 01:47, 21 January 2011
Uploads
== Uploads ==
'''Attacks of Concern''': Malformed user uploads containing JavaScript, HTML or other executable code; arbitrary file overwrite
 
=== Image Upload ===
'''Upload Verification'''
* Use input validation to ensure the uploaded filename uses an expected extension type
* Ensure the uploaded image is not larger than a set maximum size
* Use image rewriting libraries to verify the image is valid and to strip away extraneous content
* Set the extension of the stored image to be a valid image extension (jpg, png, etc.)
 
'''Upload Storage'''
* Use a new filename to store the image on the OS. Do not use any user-controlled text for this filename.
* Properly escape the uploaded filename to ensure the user cannot modify the storage location by including directory traversal characters
* Store all user-uploaded files on a separate domain (e.g. mozillafiles.net vs mozilla.org)
 
'''Public Serving of Uploaded Content'''
* Ensure the image is served with the correct content-type (e.g. image/jpeg)
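
The verification and storage steps above, sketched in Python as an added example that is not part of the original guidelines. The names `store_image`, `UploadRejected` and `ALLOWED` and the 2 MiB limit are assumptions; the magic-byte check is only a cheap pre-filter, and re-encoding with an image rewriting library is left out to keep the example standard-library only.

```python
import os
import secrets

MAX_BYTES = 2 * 1024 * 1024  # assumed limit; set per application
# allowed upload extension -> (leading magic bytes, stored extension, Content-Type)
ALLOWED = {
    "jpg": (b"\xff\xd8\xff", "jpg", "image/jpeg"),
    "jpeg": (b"\xff\xd8\xff", "jpg", "image/jpeg"),
    "png": (b"\x89PNG\r\n\x1a\n", "png", "image/png"),
}

class UploadRejected(ValueError):
    """Raised when an upload fails a verification step."""

def store_image(upload_name, data, upload_dir):
    """Verify an uploaded image and store it; return (path, content_type)."""
    # Expected extension type: allow-list, compared case-insensitively.
    ext = upload_name.rsplit(".", 1)[-1].lower() if "." in upload_name else ""
    if ext not in ALLOWED:
        raise UploadRejected("unexpected extension")
    magic, stored_ext, content_type = ALLOWED[ext]
    # Maximum size.
    if len(data) > MAX_BYTES:
        raise UploadRejected("image too large")
    # Cheap pre-filter: the bytes must start like the claimed format.
    if not data.startswith(magic):
        raise UploadRejected("content does not match extension")
    # New filename: random, with a fixed valid image extension and no
    # user-controlled text, so traversal sequences never reach the path.
    root = os.path.realpath(upload_dir)
    path = os.path.realpath(os.path.join(root, secrets.token_hex(16) + "." + stored_ext))
    if os.path.dirname(path) != root:  # defence in depth
        raise UploadRejected("path escapes upload directory")
    # Mode "xb" fails instead of overwriting an existing file.
    with open(path, "xb") as fh:
        fh.write(data)
    return path, content_type

if __name__ == "__main__":
    import tempfile
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16  # constructed sample bytes, not a full PNG
    with tempfile.TemporaryDirectory() as d:
        print(store_image("../../avatar.PNG", png, d))
        for name, body in (("shell.php", png), ("a.png", b"<script>alert(1)</script>")):
            try:
                store_image(name, body, d)
            except UploadRejected as exc:
                print(name, "rejected:", exc)
```

Serve the stored file with the returned content type rather than one taken from the upload request.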
=Further Reading=