in reply to Re: security issues for allowing images to be uploaded to the server (Data::FormValidator helps)
in thread security issues for allowing images to be uploaded to the server

Not sure if you're already on the path but File::MMagic is a nice perl implementation for getting MIME type by magic!


I can't believe it's not psellchecked
  • Comment on Re: Re: security issues for allowing images to be uploaded to the server (Data::FormValidator helps)

Replies are listed 'Best First'.
Re: Re: Re: security issues for allowing images to be uploaded to the server (how well File::MMagic works)
by markjugg (Curate) on May 05, 2003 at 20:35 UTC

    Thanks for the pointer. I wasn't aware of File::MMagic, and it seems like a better solution than trusting either the mime type or extension that is sent with the file. Maybe I'll try "Magic" and if that fails, and if that can't be found, try the mime-type, and if we can't try that, check the extension.

    Can anyone vouch for the accuracy of File::MMagic for usual web upload cases?

    -mark

[reply]

In Section Seekers of Perl Wisdom