DEV Community

Discussion on: The simplest way to validate file input type

Collapse
 
lexlohr profile image
Alex Lohr

The user does not even need to use a browser to upload to your server, they could use curl or write a script in order to upload files. Checking the file type by extension may not suffice then, so be sure to check the content for type signatures (e.g. using the file utility on most unix systems or a library).

Collapse
 
joannaotmianowska profile image
Joanna Otmianowska

yes, this will be covered as well :)

Collapse
 
ugorji_simon profile image
Simon Ugorji

I think using a Nonce would also help in this scenario