It is necessary to store uploaded files on a different server to the web app if you deploy with Heroku. I've had a look through some of their add-ons in the market place and many seem good for storage and delivery like Cloudinary and Filestack (although the latter is too expensive for testing with so I'm favouring Cloudinary). Moreover they provide out of the box image transformations which reduces the work my own server would have to do potentially. As for security I think I'm right in saying the file size restrictions they provide are reliable. The only concern I'm left with therefore is properly validating the file is indeed an image - my use case - or more generally the right file type. Cloudinary does have a file type restriction but I think this just checks the extension and doesn't actually validate the file content. It seems silly to have to upload the image to my heroku server first to check this before it gets sent to the storage service provider. Does anybody know of such a service?
File Type Validation Service
134 Views Asked by user1849962 At
1
There are 1 best solutions below
Related Questions in SECURITY
- How to solve CERT_UNTRUSTED error in nodemailer
- Run a loop over a callback, node js
- Implementing prerender.io middleware in sails.js
- Token based authorization in nodejs/ExpressJs and Angular(Single Page Application)
- formatting path string in javascript
- One to One screensharing using WEBRTC
- Create polygon from grid (for collisions)
- Strange npm behavior when installing packages like grunt
- Convert JSON.gz to JSON in node js
- "Your npm version is outdated." but it's not. While install yo
Related Questions in HEROKU
- How to solve CERT_UNTRUSTED error in nodemailer
- Run a loop over a callback, node js
- Implementing prerender.io middleware in sails.js
- Token based authorization in nodejs/ExpressJs and Angular(Single Page Application)
- formatting path string in javascript
- One to One screensharing using WEBRTC
- Create polygon from grid (for collisions)
- Strange npm behavior when installing packages like grunt
- Convert JSON.gz to JSON in node js
- "Your npm version is outdated." but it's not. While install yo
Related Questions in CLOUDINARY
- How to solve CERT_UNTRUSTED error in nodemailer
- Run a loop over a callback, node js
- Implementing prerender.io middleware in sails.js
- Token based authorization in nodejs/ExpressJs and Angular(Single Page Application)
- formatting path string in javascript
- One to One screensharing using WEBRTC
- Create polygon from grid (for collisions)
- Strange npm behavior when installing packages like grunt
- Convert JSON.gz to JSON in node js
- "Your npm version is outdated." but it's not. While install yo
Related Questions in FILE-SECURITY
- How to solve CERT_UNTRUSTED error in nodemailer
- Run a loop over a callback, node js
- Implementing prerender.io middleware in sails.js
- Token based authorization in nodejs/ExpressJs and Angular(Single Page Application)
- formatting path string in javascript
- One to One screensharing using WEBRTC
- Create polygon from grid (for collisions)
- Strange npm behavior when installing packages like grunt
- Convert JSON.gz to JSON in node js
- "Your npm version is outdated." but it's not. While install yo
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Cloudinary performs the actual content validation and not just the extension check. You can test changing a file extension and uploading it to see if it fails. I changed the extension of jpg to png and to a doc and both of them uploaded as jpg to Cloudinary.