[development] How to handle uploads in a secure fashion?
Fabio Varesano
fabio.varesano at gmail.com
Mon Jun 19 17:58:23 UTC 2006
Hi everybody,
I just received an email from Ber asking to check my modules for
security issues related to file uploads.
Maybe others of you received too that emails.
He tell me to check my module for upload related issue and see at the
4.7.1->4.7.2 patch as guide.
Well... it seems that the main addition is the upload_munge_filename
... but this is an upload module only functions.
Should the munge_filename function became a file api?
Moreover a handbook page explaining how to handle uploads in security
is needed.
Fabio Varesano
More information about the development
mailing list