Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
Z
Z
zakharkang2019-01-25 19:31:38
PHP
zakharkang, 2019-01-25 19:31:38

How to check images for malicious code?

Good afternoon.
The question arose: how to check images for the presence of malicious code, and is it necessary for this scheme of working with images? How dangerous is all this , and where exactly does paranoia begin in this matter?
1. The user uploads an image by accessing the form (select file -> upload);
2. Then on the server it is converted with compression, the file name also changes;
3. The image is displayed to the user.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
D
DevMan, 2019-01-25
@zakharkang

1. Images must be called/given exactly as images. that is, the web server, upon request domain/directory/picture.jpg , should return exactly the picture, even if it contains php code.
in other words - php must be disabled in folders with pictures. each web server does this differently.
2. if there is a malicious code in the picture, then the conversion will most likely return an error.

Similar questions
W
WebforSelf2021-03-23 23:45:26
How to start server after centos 7 backup, vestacp? 3Reply
I
ibr_982017-04-24 19:18:51
Why doesn't "MouseEnter" work in visual c#? 2Reply
V
VAZSOFT2019-09-28 20:55:53
Save POST request to TXT? 5Reply
A
Alexey Segodin2021-04-14 14:18:26
How to make an SSL certificate for a server that does not yet use a domain? 4Reply
L
leviathan2017-05-10 17:06:01
How to display a specific widget in wordpress? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question