Basic image validation for logo/favicon #112
Comments
Would migrating the favicon field from FileField to ImageField do the job here? |
I think that would work. Although the file size would need to be manually checked. |
I’m not sure about that after all. Maybe using proper size for images is a documentation / teaching issue between developers and users of an admin panel, not a technical constraint.
If a malicious user is in your admin, you have bigger problems! |
Still, it would be nice if there were some basic sanity checks. E.g. if it's an internal tool and some idiot decides to upload a 2GB+ file. Stuff like that. |
I think that the best thing that could be done here is to add 2 validators to the fields, one to check the file size limit and another one to check the file extension. |
Ah, I didn’t think that it would be important to support the old ICO type for a modern website.
If you rely on extension, please validate that the actual file contents match the type guessed from extension. |
@merwok when I started to abstract this library in my existing projects I used |
Turns out that django checks file extension only*, and relies on Pillow to determine all extensions supported by the system. ICO is marked as always supported in Pillow docs. (* but it also uses |
It was a long time ago (maybe 8 years), but I remember that the |
You can upgrade to |
Currently, a person can upload any file as a favicon or logo under theme settings. This could be a security issue if a malicious user gains access to the theme settings.
Suggestion: there should be some basic header validation to prevent users from uploading non-image files. Also should limit the size of the upload (i.e. under 3 MB).
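The following is an added example, not the project's own code, that ties together the three checks raised in this thread (a size cap, an extension allow-list, and a check that the first bytes of the file actually match the type the extension claims). It assumes the upload handler can hand a validator the file name and the file's bytes; `UploadRejected` is a plain `ValueError` subclass standing in for Django's `ValidationError` so the example runs without Django, and the 3 MB limit is the figure floated in the issue, not a project setting. Sample inputs are constructed inline.

```python
"""Content-based validation for logo/favicon uploads (added example)."""
from __future__ import annotations

import os

# Upper bound on an accepted upload. 3 MB is the figure floated in the issue;
# a real deployment would read this from settings (assumption).
MAX_UPLOAD_BYTES = 3 * 1024 * 1024

# Leading bytes that identify each format. WebP is handled separately because
# its signature is split across the RIFF header ("RIFF" + size + "WEBP").
_SIGNATURES = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
    "ico": (b"\x00\x00\x01\x00",),
}

# Allowed extensions and the sniffed format each one must match. SVG is left
# out on purpose: it is XML that may carry script, not a raster image.
_EXTENSION_FORMAT = {
    ".png": "png", ".jpg": "jpeg", ".jpeg": "jpeg",
    ".gif": "gif", ".ico": "ico", ".webp": "webp",
}


class UploadRejected(ValueError):
    """Stand-in for django.core.exceptions.ValidationError (assumption)."""


def sniff_image_format(head: bytes) -> str | None:
    """Return the format implied by the first bytes of a file, or None."""
    for name, magics in _SIGNATURES.items():
        if any(head.startswith(m) for m in magics):
            return name
    if len(head) >= 12 and head[:4] == b"RIFF" and head[8:12] == b"WEBP":
        return "webp"
    return None


def validate_image_upload(filename: str, data: bytes,
                          max_bytes: int = MAX_UPLOAD_BYTES) -> str:
    """Accept only a small file whose contents match its extension.

    Returns the sniffed format. The size check runs first so an oversized
    upload is refused before anything else is inspected. With a Django
    UploadedFile you would use ``f.size`` and ``f.read(16)`` instead of
    holding the whole payload in memory (assumption about the call site).
    """
    if len(data) > max_bytes:
        raise UploadRejected(f"file is {len(data)} bytes; limit is {max_bytes}")
    ext = os.path.splitext(filename)[1].lower()
    expected = _EXTENSION_FORMAT.get(ext)
    if expected is None:
        raise UploadRejected(f"extension {ext!r} is not an accepted image type")
    actual = sniff_image_format(data[:16])
    if actual != expected:
        raise UploadRejected(
            f"contents look like {actual or 'unknown data'}, "
            f"not {expected} as the name claims")
    return actual


# Constructed samples, not real files: a PNG header with the start of an
# IHDR chunk, and a shell script renamed to look like an image.
PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + b"\x00\x00\x00\rIHDR" + b"\x00" * 17
FAKE_PNG = b"#!/bin/sh\necho not an image\n"


def demo() -> dict[str, str]:
    """Run the validator over the constructed samples; keyed by file name."""
    samples = [
        ("logo.png", PNG_SAMPLE),                      # genuine header
        ("fake.png", FAKE_PNG),                        # wrong contents
        ("huge.ico", b"\x00\x00\x01\x00" + b"\x00" * MAX_UPLOAD_BYTES),
        ("logo.png.sh", FAKE_PNG),                     # disallowed extension
    ]
    results: dict[str, str] = {}
    for filename, payload in samples:
        try:
            results[filename] = "ok:" + validate_image_upload(filename, payload)
        except UploadRejected as exc:
            results[filename] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The magic-byte check is a cheap first gate, not a parser: it stops a renamed script or an HTML file, but a file with a correct header and a corrupt body still gets through, which is why Django's `ImageField` additionally opens the file with Pillow. Pairing both is the usual arrangement, with this kind of check catching the oversized or obviously mislabelled uploads before Pillow has to touch them.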