From the course: Windsurf for Privacy-Conscious Development


File handling

- [Liam] File upload functionality is one of the largest attack surfaces in web applications, as when users can upload files, they're essentially sending executable content to your server, which creates opportunities for code execution or data exfiltration or system compromise. And understanding common file upload vulnerabilities and how to detect them is very crucial for building secure applications. Unrestricted file type uploads represent a very dangerous vulnerability category, as when applications accept any file type without validation, attackers can upload executable files disguised as images or documents. Path traversal attacks exploit insufficient validation of file paths and names. An attacker may upload a file, such as this or this, attempting to overwrite critical system files or access sensitive data outside of the intended upload directory. So even seemingly harmless file names like image.jpeg can…
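A server-side check for the two problems described above (files disguised as another type, and path traversal in file names), as an added example that is not part of the course material. The allowlist, the `resolve_upload` function and the `UploadRejected` exception are assumptions made for illustration.

```python
import os
import secrets
from pathlib import Path

# Constructed allowlist: extension -> magic bytes the content must start with.
ALLOWED = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".pdf": (b"%PDF-",),
}


class UploadRejected(ValueError):
    """Raised when an upload fails validation (hypothetical helper type)."""


def resolve_upload(upload_dir: str, client_name: str, data: bytes) -> Path:
    """Validate an upload and return the server-chosen storage path."""
    # 1. The client-supplied name must be a bare file name: no directory
    #    components, no NUL byte, not empty.
    if not client_name or "\x00" in client_name:
        raise UploadRejected("empty name or NUL byte in name")
    if "/" in client_name or "\\" in client_name or client_name in (".", ".."):
        raise UploadRejected("directory component in name")

    # 2. Only the final extension counts, and it must be on the allowlist.
    ext = os.path.splitext(client_name)[1].lower()
    if ext not in ALLOWED:
        raise UploadRejected(f"extension {ext!r} not allowed")

    # 3. The content must start with the signature for that extension.
    #    This catches a script renamed to .jpg; it does not catch polyglot
    #    files, so uploads should still be stored where nothing executes them.
    if not data.startswith(ALLOWED[ext]):
        raise UploadRejected("content does not match extension")

    # 4. Store under a random server-side name so the client's name never
    #    reaches the file system, then confirm containment anyway.
    base = Path(upload_dir).resolve()
    target = (base / (secrets.token_hex(16) + ext)).resolve()
    if target.parent != base:
        raise UploadRejected("target escapes upload directory")
    return target
```
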
