OK, so I've seen a lot of discussions about securing image upload forms, however someone told me No, what to do is actually preventing 100% malicious code from being uploaded to my application.
I am currently thinking of rebuilding the image, as I saw it is a very safe method. Are other options present? Apart from these extensions, which extensions are preferred?
I am currently re-imagining the image, as I saw it would be a very safe way .
Unless you use it for rebuilding, it is not insecure: p. But seriously, I think this is not a bad idea and in most cases it will improve security.
To improve the security you can locate the content type (in previous versions of PPA) using mime_content_type (). / P>
Functions in this module try to guess the encoding of the content type and file, looking for some magic byte scenes on specific positions within the file. Although this is not a bulletproof approach, the used heriticians do a very good job.
For the question, the PHP extension is best for secure extensions ... I have tested the website
In comparison, I think the GD suite is the best because it has the least security problems And they are quite old. Three of them are important, but ImagMagick and Gmagick do not perform better ... ImageMagick looks very small (at least when it comes to security), then I choose Gmagick as the second option.
Comments
Post a Comment