Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
Z
Z
zakharkang2019-01-25 19:31:38
PHP
zakharkang, 2019-01-25 19:31:38

How to check images for malicious code?

Good afternoon.
The question arose: how to check images for the presence of malicious code, and is it necessary for this scheme of working with images? How dangerous is all this , and where exactly does paranoia begin in this matter?
1. The user uploads an image by accessing the form (select file -> upload);
2. Then on the server it is converted with compression, the file name also changes;
3. The image is displayed to the user.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
D
DevMan, 2019-01-25
@zakharkang

1. Images must be called/given exactly as images. that is, the web server, upon request domain/directory/picture.jpg , should return exactly the picture, even if it contains php code.
in other words - php must be disabled in folders with pictures. each web server does this differently.
2. if there is a malicious code in the picture, then the conversion will most likely return an error.

Similar questions
G
GRO242019-08-30 15:23:29
Why doesn't Bootstrap 4 align blocks? 2Reply
R
Rooly2021-03-23 11:40:40
How to properly organize apiResource Laravel? 2Reply
S
sergeybogevolny2015-04-06 21:36:50
Is there an example of interaction between bootstrap wizard form and php? 2Reply
C
Calius2014-05-30 13:19:16
What to choose for a modern knowledge base (knowledge) for a small team? 6Reply
P
PRIZ63rus2014-06-03 08:49:19
How to forward VPN through Juniper srx router to Qnap NAS? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question