I am trying to upload only certain type of images into aws s3 bucket. For that i've added the following rule to my bucket policy
"Resource": [
"arn:aws:s3:::<bucket name>/*.jpg",
"arn:aws:s3:::<bucket name>/*.png",
]
This works fine ,however when i change extension of text file to png (eg: change sample.txt to sample.png) and try to upload its uploaded.
How can i prevent this??.
One solution i've founded is add a php image validation in my code and upload to AWS s3 ,but here i am using s3 direct browser upload in this method there is no need of normal way of php file upload also reduces the server overload. So i think adding php image validation on s3 direct browser upload is bad practise.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire