Contrib.social

How to validate upload file secure or not malicious file how to restrict

Open on Drupal.org →
Created on 8 August 2024, 7 months ago
Updated 15 August 2024, 6 months ago

Actually how to validate file while uploading below mention points:
1.File extension
2. File type
3. Content of the file

sample document attached while upload that file it's not validating malicious or not

💬 Support request
Status

Active

Version

2.0

Component

Code

Created by

🇮🇳India vinudhad

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @vinudhad
  • Comment 6 months ago
    🇮🇳India jai.kashyap New Delhi, India

    Hi i have the same issue and find out that we can validate file with metadata and magic byte.
    but i am not sure how to implement in module file. or should i use hook.

    if some one know the best way please describe.

    i have PDF file with XSS content, with metadata: yes

  • Comment 5 months ago
    🇮🇳India vinudhad

    I solved above issue custom hook added in the module.
    Run : composer require smalot/pdfparser

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024