- The File Upload feature exposes the application to upload malicious files. This results in both, client side
- While uploading files restrict
- Uploading harmful content like exe
- Overwriting existing files
- Uploaded file size to prevent Denial of Service attack
Prevent Unrestricted File Upload: Validate File Extension
Secure Code
- The code validates file extension using regular expression
Cheng® 