in general, what are things i would want to 'watch for/guard against' in a file upload situation?
i have my file upload working (in the self-made framework @ work without any concession for multipart form uploads), but was told to make sure it's cleansed and cannot do any harm inside the system. my checklist so far is basically to check the extension - ensure it has 3 places, ensure it's in the allowed list (like jpg gif etc...). not sure what else i could do to guard against anything bad happening. maybe the file name itself could cause greif? not sure but any suggestions or examples are most welcome :) -- http://mail.python.org/mailman/listinfo/python-list
