Is decoding base64 strings safe?

I am submitting a user-submitted file (which is supposed to be an image), but it is possible to submit a Python file instead. It is sent to the backend Flask server as a base64-encoded string and decoded into a file in a child directory. I am worried about security, as the user-submitted file will be included in dynamically generated HTML as an `<img src="/images/fileThatIDecoded.jpg">` tag. I set the name and file extension myself. How can I validate that the decoded base64 string is a valid image? In order to use the imghdr module, I must already have saved the decoded string into a file, which might be unsafe.

My code:

// Front end: FilePond hands us the selected file, already base64-encoded,
// and we copy it into a hidden form field before submitting the form.
mainPond.onaddfile = (err, item) => {
  if (err) {
    console.warn(err);
    return;
  }
  const base64String = item.getFileEncodeBase64String();
  console.log(base64String);
  document.getElementById("hiddenFile").value = base64String;
};
document.getElementById("submitbtn").onclick = function () {
  if (validateForm()) {
    document.getElementById("form").submit();
  }
};

# Back end (Flask). `app`, `login_required` and `helpers` come from
# elsewhere in the project.
import base64
import os

from flask import render_template, request


@app.route("/create", methods=["GET", "POST"])
@login_required
def create():
    if request.method == "GET":
        return render_template("create.html")
    else:
        imgdata = request.form.get("mainFile")
        # Only the first 44 base64 characters (about 33 decoded bytes) are inspected.
        if helpers.verifyImage(imgdata[:44]):
            imgdata = base64.b64decode(imgdata)
            # Name and extension are chosen server-side, never taken from the client.
            filename = 'some_image.jpg'
            filename = os.path.join(os.path.abspath(os.curdir), "images", filename)
            with open(filename, 'wb') as f:
                f.write(imgdata)

It is not safe to assume that a user-provided file is safe. The base64 encoding does not have any effect on safety.

To validate whether the provided file is an image, you can use the imghdr module in the standard library, which "determines the type of image contained in a file or byte stream."

You can pass the image as a byte stream directly to imghdr rather than saving it as a file.
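The answer's approach carried through as an added example (not code from the question or the answer): decode the submitted string in memory, check the leading bytes of the result, and derive the extension from the detected type before anything touches disk. imghdr was removed from the standard library in Python 3.13, so the signature table is written out by hand; `MAX_BYTES` and the sample payloads are constructed values.

```python
import base64
import binascii

# Constructed signature table covering the formats a browser <img> will render.
MAGIC = (
    (b"\xff\xd8\xff", "jpeg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
)
EXTENSIONS = {"jpeg": ".jpg", "png": ".png", "gif": ".gif", "webp": ".webp"}
MAX_BYTES = 5 * 1024 * 1024  # hypothetical upload limit


def sniff_image_type(data: bytes):
    """Return 'jpeg', 'png', 'gif' or 'webp' from the leading bytes, else None."""
    for signature, kind in MAGIC:
        if data.startswith(signature):
            return kind
    # WebP is a RIFF container: "RIFF" <4-byte size> "WEBP".
    if len(data) >= 12 and data[:4] == b"RIFF" and data[8:12] == b"WEBP":
        return "webp"
    return None


def decode_upload(b64_string: str):
    """Decode the form field in memory and validate the whole result.
    Returns (bytes, extension); raises ValueError so nothing is written
    to disk unless the type has been verified."""
    # Browser file APIs may prefix a data: URL; keep only the payload part.
    if b64_string.startswith("data:"):
        b64_string = b64_string.split(",", 1)[1]
    # Bound the size before decoding (4 base64 chars encode 3 bytes).
    if len(b64_string) > MAX_BYTES * 4 // 3 + 4:
        raise ValueError("payload too large")
    try:
        data = base64.b64decode(b64_string, validate=True)  # reject stray characters
    except (binascii.Error, ValueError) as exc:
        raise ValueError("malformed base64") from exc
    kind = sniff_image_type(data)
    if kind is None:
        raise ValueError("not a supported image")
    # The extension follows the detected type, never the client's claim.
    return data, EXTENSIONS[kind]


# Constructed sample payloads: a PNG header plus padding, and a Python script.
PNG_SAMPLE_B64 = base64.b64encode(b"\x89PNG\r\n\x1a\n" + b"\x00" * 16).decode()
SCRIPT_SAMPLE_B64 = base64.b64encode(b"print('not an image')\n").decode()
```

In the route above, `decode_upload` would replace the `helpers.verifyImage(imgdata[:44])` prefix check, and the returned extension would replace the hard-coded `.jpg`.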
