homepage Welcome to WebmasterWorld Guest from 54.237.98.229
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
Best Practices When Validating User Uploaded Images
BlackRaven

10+ Year Member



 
Msg#: 3362984 posted 6:23 pm on Jun 9, 2007 (gmt 0)

How do you guys validate (check for XSS and other nasties) user uploaded images?

[edited by: BlackRaven at 6:24 pm (utc) on June 9, 2007]

 

GaryK

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 3362984 posted 7:50 pm on Jun 9, 2007 (gmt 0)

I've never thought about XSS exploits in uploaded photos. When a member uploads a photo the first thing I do is an AV test. Then I check it to be sure the format of the file matches the file's extension. If it passes those tests I attempt to open the file in a server-side photo editor. If that works I watermark the image and save it.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved