You should everywhere check every input data whenever you make image resizer or something else. Do not trust any input.
вторник, 15 мая 2012 г., 18:21:24 UTC+4 пользователь Alan Hoffmeister написал: > > Marc, that would work, but I'm concerned about security... What if > someone access the url /images/100000/100000/avatar.jpg ? > > -- > Att, > Alan Hoffmeister > > > 2012/5/15 Marc Deschamps <md.fle...@gmail.com>: > > I've done something like this using express: > > > > app.get('/images/:width/:height/:filename', routes.images.resize); > > > > Work great, in html i can do: > > > > <img src="/images/70/70/avatar.jpg"/> > > > > -- > > Job Board: http://jobs.nodejs.org/ > > Posting guidelines: > > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > > You received this message because you are subscribed to the Google > > Groups "nodejs" group. > > To post to this group, send email to nodejs@googlegroups.com > > To unsubscribe from this group, send email to > > nodejs+unsubscr...@googlegroups.com > > For more options, visit this group at > > http://groups.google.com/group/nodejs?hl=en?hl=en > -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to nodejs@googlegroups.com To unsubscribe from this group, send email to nodejs+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en