[BUG] Add MIME type validation for file uploads using magic numbers (#330)#364
[BUG] Add MIME type validation for file uploads using magic numbers (#330)#364BhakktiGautam wants to merge 1 commit into
Conversation
|
@BhakktiGautam is attempting to deploy a commit to the Durgeshwar's projects Team on Vercel. A member of the Team first needs to authorize it. |
|
@BhakktiGautam Multiple errors. Feature not working as expected. Please attach a screen recording for whatever you are giving the pr for else I won't be viewing it again due to continuous erroneous pr's. |
|
@BhakktiGautam At the very start frontend is not working because of the way you have updated the toolsData.jsx. Next the frontend layout is completely off from all the tools as you have created a seperate page that does not follow the layout. For some reason the current input instead of taking the pdf as the input it is taking image as input. How am I supposed to even check whether the functionality is actually working or not? All in all I cannot even move to reviewing the backend unless the frontend starts working. |


📌 Closes Issue
Closes #330
🐛 Problem
Current validation only checks file extensions. Malicious files renamed as
.pdfcan bypass validation.✅ Solution
Implement magic number (MIME type sniffing) validation that reads file headers.
📁 Files Changed
backend/utils/mime_validator.pybackend/utils/decorators.pybackend/requirements.txtbackend/blueprints/pdf.pybackend/blueprints/image.pybackend/blueprints/removebg.pybackend/blueprints/pdf_to_docx.pybackend/blueprints/docx_to_pdf.py✅ Rule Compliance
Request
GSSoClabelbug,security,level:beginnerlabelsReady for review! 🚀