Not really a Cake question, but using Cake so figured I would ask.
Uploading images (the end user, not admin) I have been reading about stenography where the image can contain data / functions embedded in it so in theory the user can edit the url to execute the code embedded.
I know have the server / clamshell or what not scan images / files but if you are not serving the actual uploaded image.
If you are only taking a part of the uploaded image using imagecopyresampled or imagecreatefromjpeg / gif / png cropping re-sizing does that make any difference?
Just curious.
Thanks all.
Dave
No comments:
Post a Comment