stackoom
  简体   繁体   中英

External Image Security

 原文  2011-11-21 11:05:28       php/ image

Question

I've got a function on a site that searches Wikipedia for images that are relevant to something a user has put in a text box. If it finds anything it'll download the image and serve it up via a resizing function that looks like 

http://mysite.com/image/resize/?w=x&h=x

Is there anything that I should be concerned about?

1 answers

solution1
 1 ACCPTED  2011-11-21 11:13:26

They might put a huge amount of load on your server by entering massive numbers for x and y. You'd better restrict the dimensions and you should probably do some sort of caching on this. A malicious user could flood your site with requests and force it to download lots of images, flooding it's downward bandwidth.

If you read the wikipedia guidelines, hotlinking is actually allowed , you might be better off passing them through the URL you get from Wikipedia.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question image upload security php image storing - security Cakephp Image Security Image delete security vulnerabilities Image upload directory security Security issues when displaying external images Rest API security without authentication on external requests External image vulnerabilities download and resize an external image resizing an external image
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM