MIME Type spoofing

前端未结

关注

 3  835

长情又很酷 2020-12-09 18:47

Checking for mime type in php is pretty easy but as far as I know mime can be spoofed. The attacker can upload a php script with for example jpeg mime type. One thing that c

3条回答

一整个雨季 (楼主)

2020-12-09 19:19
Check the extension.
You can also - like you said - check if the extension match the MIME type, but it's much more easy to just check the extension.

Btw why do you care about the MIME type?
0 讨论(0)

查看其它3个回答
发布评论:

提交评论
- 加载中...