Contribute Media
A thank you to everyone who makes this possible: Read More

The dangerous, exquisite art of safely handing user-uploaded files

Translations: en

Description

Tom Eastman https://kiwi.pycon.org/schedule/presentation/110/ "Come On, What Harm Can a User Profile photo Do?". The most dangerous thing you can do with your web application is allow people to upload files to it, not even the best web frameworks can fully protect you from the range of damage that can be done. I'll show you every scary thing I know about that can be done with a file upload, and how to protect yourself from -- hopefully -- most of them.

Details

Improve this page