Perhaps instead of rejecting specific file types, you should only
allow specific file types? Most of the time a file upload is taking
place the programmer has some sort of idea what the user will upload.
This is probably the most secure method, even though it won't work for
everyone.
On Feb 20, 6
Thanks for the pointer! The docs are at
http://docs.djangoproject.com/en/dev/ref/forms/validation/#ref-forms-validation.
I had been letting Django use the default forms, and hadn't read much
about forms, so I'd missed that hook. I used a clean_()
method and it works perfectly. The only thing left
Validation is a big subject, and the validation of files can be very
complex aswell. Anyways to validate you need to define a clean method
in your form. Here you put the code that can test things like file
types, and whatever you can think of using python. I can't get you the
link as I'm not at my
I'm totally new to Django and authorized/secure web apps, and really
loving it for this. But I've got a few really novice questions. I've
got a model with a FileField, to which users can upload an arbitrary
file. In the model docs for the FileField it says, "Validate all
uploaded files." And I'm n
4 matches
Mail list logo
