Best practices to prevent malicious file upload.

Hey everyone   Having a file attach feature in my system under development worries me about malicious file uploads. I know I can make a microflow to verify a file type, but is there a better way to avoid having to utilize the microflow everytime I have multiple file upload locations?   Thanks in advance
1 answers

Hello Jiramed,


What file uploader are you using currently.

With the standard file uploader you can already set the extensions that you want to receive, this can filter out quite a lot of other files:


However, it depends on which widget you use whether this is available or not.

But using a microflow and recalling this one several times is a good practice and actually makes your model highly maintainable and a microflow provides for more validation options.


Hope this helps,


Good luck!