That doesn’t really resolve the problem of is the media safe.
From a cybersecurity standpoint you should be validating the mime type of the media at a minimum (The actual magic number, not the extension). And running it through ClamAV as well, ideally, before it’s released to your media library.
That doesn’t really resolve the problem of is the media safe.
From a cybersecurity standpoint you should be validating the mime type of the media at a minimum (The actual magic number, not the extension). And running it through ClamAV as well, ideally, before it’s released to your media library.