[development] How to handle uploads in a secure fashion?
Derek Wright
drupal at dwwright.net
Tue Jun 20 16:10:45 UTC 2006
On Jun 19, 2006, at 10:58 AM, Fabio Varesano wrote:
> Should the munge_filename function became a file api?
it should, yes, but that's complicated. part of the
upload_munge_filename() stuff depends on a whitelist of approved file
extensions. those are handled as a setting from the upload.module.
so, to make munge* a separate function in file.inc that didn't depend
on the upload.module, we'd need to put those settings somewhere else,
too. since the existing munge stuff was done in the heat of the
moment to get 4.7.2 out, no one felt like doing that much additional
work to make things generic, moving all this code into the file API,
etc...
but, it's a pain in the neck for those of us trying to make contribs
more secure using this stuff, since now our modules will depend on
the upload module, even if they don't the regular upload form
element, etc. we should definitely consider reorganizing this code
in 4.8. sadly, i'm going to be unavailable for drupal hacking until
mid july, so i can't spearhead this effort (at least not until at
least the end of july).
-derek (dww)
More information about the development
mailing list