Hi,
Is there a way to ensure that files uploaded by users are not malicious?
I’m building a registry that enables users to upload supporting documents for their projects that anyone can view. But, I need to make sure these documents don’t contain any virus’ etc.
Any idea what I can do?
Mike
Would love clarification on this as well. @emmanuel is there any type of malware checking/antivirus scan on user uploaded files?
This is getting reported by Penetration Tests as a vulnerability and needs to be addressed. How can uploaded files be virus checked to ensure they are not malicious? @josh @emmanuel does anyone care?
Our penetration reports on the platform are a concern. Out of date JS libraries that are not compliant with GDPR or PCI DSS means that nobody on the platform can get compliance, yet are unable to alter the the libraries. We are trapped!
You can use any malware scanning API, if you’d like to.
Good suggestion, but to be clear, the resolution is to take a file securely uploaded by a user and share the contents of that secure file to another third party so they can determine if it’s infected? This would be much better if it was handled on platform. There looks to a be few paid and even free services so choose wisely.
You can make your own API if you want - nobody says it has to go to a third party.
