2020-06-30 12:48:07 +02:00
|
|
|
These minimum restrictions should be applied when handling file uploads:
|
2020-12-21 15:38:52 +01:00
|
|
|
|
|
|
|
|
* the file upload folder to restrict untrusted files to a specific folder.
|
|
|
|
|
* the file extension of the uploaded file to prevent remote code execution.
|
2020-06-30 12:48:07 +02:00
|
|
|
|
|
|
|
|
Also the size of the uploaded file should be limited to prevent denial of service attacks. This requirement is covered by the rule S5693.
|
