Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid

Re: security: making sure graphics uploaded by users are safe

by CountZero (Bishop)
on Sep 30, 2009 at 06:13 UTC ( #798241=note: print w/replies, xml ) Need Help??

in reply to security: making sure graphics uploaded by users are safe

A good trick might be to randomly change the size, the format or the resolution of the image a few times (of course ending up with the original size and resolution or with a standard size, format and resolution). This is likely to seriously scramble the contents of the file and break any embedded code.

Especially if you use a "lossy" format such as jpeg the chances of anything hidden in the file to survive will be low.

Unfortunately it will also reduce the quality of the image, but nowadays, most images have too high a resolution for webpages anyhow and reducing this to a mofre reasonable resolution will also serve the purpose of "destroying" any unwanted payload in the file.


A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

  • Comment on Re: security: making sure graphics uploaded by users are safe

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://798241]
and the pool shimmers...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (6)
As of 2018-06-22 19:37 GMT
Find Nodes?
    Voting Booth?
    Should cpanminus be part of the standard Perl release?

    Results (124 votes). Check out past polls.