Menu
Criminals can fake the content type of the file he's uploading. So, if I receive the file on the server through my page, I cannot just check its MIME type and file extension. Is there any reliable way to check if uploaded file is in fact the JPEG, GIF or PNG? I need to reject all other formats. I could attempt to read the file bit by bit, but what am I looking for? Thanks for any kind of suggestions or ideas!
372
You could attempt to parse the image inside a try-catch using Bitmap.FromStream(stream), with the stream from your uploaded image. If it fails, you know it's not a real image. It's considered coding by exception, but in this case, you're actually looking for an exception.
130
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
