You should everywhere check every input data whenever you make image
resizer or something else. Do not trust any input.
вторник, 15 мая 2012 г., 18:21:24 UTC+4 пользователь Alan Hoffmeister
написал:
>
> Marc, that would work, but I'm concerned about security... What if
> someone access the url /images/100000/100000/avatar.jpg ?
>
> --
> Att,
> Alan Hoffmeister
>
>
> 2012/5/15 Marc Deschamps <md.fle...@gmail.com>:
> > I've done something like this using express:
> >
> > app.get('/images/:width/:height/:filename', routes.images.resize);
> >
> > Work great, in html i can do:
> >
> > <img src="/images/70/70/avatar.jpg"/>
> >
> > --
> > Job Board: http://jobs.nodejs.org/
> > Posting guidelines:
> > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
> > You received this message because you are subscribed to the Google
> > Groups "nodejs" group.
> > To post to this group, send email to nodejs@googlegroups.com
> > To unsubscribe from this group, send email to
> > nodejs+unsubscr...@googlegroups.com
> > For more options, visit this group at
> > http://groups.google.com/group/nodejs?hl=en?hl=en
>
--
Job Board: http://jobs.nodejs.org/
Posting guidelines:
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups "nodejs" group.
To post to this group, send email to nodejs@googlegroups.com
To unsubscribe from this group, send email to
nodejs+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/nodejs?hl=en?hl=en
