> upload (with clamav, usually).
There are some file types, such as .png and .wav, where that approach is
not at all secure. The file command will tell you that the file is
image/png, but IE 6 will detect it as text/html and run scripts in it.
The ClamAV step is almost pointless. It does nothin
tedd wrote:
> At 11:45 PM +1100 12/16/08, Tim Starling wrote:
>> I thought the list might be interested in a tutorial for secure
>> web-based file uploads that I just wrote:
>>
>> http://tstarling.com/blog/2008/12/secure-web-uploads/
>>
>> -- Tim Starling
&g
I thought the list might be interested in a tutorial for secure
web-based file uploads that I just wrote:
http://tstarling.com/blog/2008/12/secure-web-uploads/
-- Tim Starling
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
3 matches
Mail list logo
