Welcome to WebmasterWorld Guest from

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

Best Practices When Validating User Uploaded Images

6:23 pm on Jun 9, 2007 (gmt 0)

Full Member

10+ Year Member

joined:June 16, 2004
votes: 0

How do you guys validate (check for XSS and other nasties) user uploaded images?

[edited by: BlackRaven at 6:24 pm (utc) on June 9, 2007]

7:50 pm on June 9, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Sept 17, 2002
votes: 0

I've never thought about XSS exploits in uploaded photos. When a member uploads a photo the first thing I do is an AV test. Then I check it to be sure the format of the file matches the file's extension. If it passes those tests I attempt to open the file in a server-side photo editor. If that works I watermark the image and save it.

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members