🪻 distributed transcription service thistle.dunkirk.sh

feat: improve file upload validation #8

closed
opened by dunkirk.sh edited

Medium Priority

Location: src/index.ts:1879-1903

Issues:

  • File extension check but no MIME type verification
  • No malware scanning
  • No image/audio validation beyond size
  • Filename not sanitized before storage

Impact

Malicious file uploads, path traversal attempts

Fix Time

~1 hour

Recommendation

Add MIME type validation, sanitize filenames, validate file headers


From LAUNCH_REVIEW.md Issue #18


priority
medium
assignee
dunkirk.sh
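
An added example, not code from the thistle repository, showing one way to combine the three checks the issue recommends: filename sanitization, file-header validation, and a MIME type that must agree with the header. The function names and the audio format allowlist are assumptions.

```typescript
// Added example: hypothetical helpers, not the project's src/index.ts.
// The allowlist of audio formats is an assumption; match it to what the service accepts.
type Kind = "wav" | "mp3" | "ogg" | "flac" | "m4a";

const ALLOWED: Record<Kind, { exts: string[]; mimes: string[] }> = {
  wav: { exts: ["wav"], mimes: ["audio/wav", "audio/x-wav", "audio/wave"] },
  mp3: { exts: ["mp3"], mimes: ["audio/mpeg"] },
  ogg: { exts: ["ogg", "oga"], mimes: ["audio/ogg"] },
  flac: { exts: ["flac"], mimes: ["audio/flac", "audio/x-flac"] },
  m4a: { exts: ["m4a"], mimes: ["audio/mp4", "audio/x-m4a"] },
};

function ascii(b: Uint8Array, off: number, len: number): string {
  let s = "";
  for (let i = off; i < off + len && i < b.length; i++) s += String.fromCharCode(b[i] ?? 0);
  return s;
}

// Identify the container from its leading bytes, ignoring client-supplied metadata.
function sniffAudio(b: Uint8Array): Kind | null {
  if (b.length < 12) return null;
  if (ascii(b, 0, 4) === "RIFF" && ascii(b, 8, 4) === "WAVE") return "wav";
  if (ascii(b, 0, 4) === "OggS") return "ogg";
  if (ascii(b, 0, 4) === "fLaC") return "flac";
  if (ascii(b, 4, 4) === "ftyp") return "m4a";
  if (ascii(b, 0, 3) === "ID3" || (b[0] === 0xff && ((b[1] ?? 0) & 0xe0) === 0xe0)) return "mp3";
  return null;
}

// Reduce a client filename to a safe basename: no directories, no leading dots, ASCII only.
function sanitizeFilename(name: string): string {
  const base = name.replace(/\\/g, "/").split("/").pop() ?? "";
  const clean = base.replace(/[^A-Za-z0-9._-]/g, "_").replace(/^\.+/, "").slice(0, 100);
  return clean || "upload";
}

type Result = { ok: true; kind: Kind; storedName: string } | { ok: false; reason: string };

// Accept only when extension, declared MIME type and file header all agree.
function validateUpload(name: string, mime: string, head: Uint8Array): Result {
  const storedName = sanitizeFilename(name);
  const ext = storedName.indexOf(".") >= 0 ? (storedName.split(".").pop() ?? "").toLowerCase() : "";
  const kind = sniffAudio(head);
  if (!kind) return { ok: false, reason: "unrecognized file header" };
  if (ALLOWED[kind].exts.indexOf(ext) < 0) return { ok: false, reason: "extension does not match content" };
  const declared = (mime.toLowerCase().split(";")[0] ?? "").trim();
  if (ALLOWED[kind].mimes.indexOf(declared) < 0) return { ok: false, reason: "MIME type does not match content" };
  return { ok: true, kind, storedName };
}
```

The MP3 frame-sync test is loose, so a header match is a first filter and not proof that the file decodes as audio.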