In this video, @heyAustinGil walks through common security considerations when allowing file uploads in your application.
Links:
OWASP File Upload Cheat Sheet - cheatsheetseries.owasp.org/ch...
formidable - github.com/node-formidable/fo...
Akamai Malware Protection - www.akamai.com/newsroom/press...
Watch Austin's Livestreams here:
RU-vid: @heyAustinGil
Twitch: / heyaustingil
Website: austingil.com/
Chapters:
0:00 - Introduction
0:32 - In this video... + App Overview
2:30 - Extension Validation
3:22 - Filename Sanitization
4:04 - Upload and Download Limits
4:38 - File Storage Location
5:50 - Content-Type Validation
7:00 - File Content Validation
9:15 - Common Problems + Akamai Malware Protection
13:00 - Wrap Up + What's Next
#fileupload #owasp #security
Aug 1, 2024