[Image-SIG] memoryError in FpxImageUploadPlugin.py
Alec Bennett
wrybread at gmail.com
Sun Apr 17 20:09:11 CEST 2011
Agreed in a web form situation it seems reasonable to expect the file to have the correct file extension. And in fact that's the usual safeguard against people uploading php scripts or whatever containing malicious code.
But if you really want to be able to detect file type independently of the extension you might research reading the file header. (that's a guess, I'm not saying that will definitely work).
Sent from my payphone
On Apr 17, 2011, at 12:13 AM, "Charlie Clark" <charlie.clark at clark-consulting.eu> wrote:
> Am 16.04.2011, 17:51 Uhr, schrieb Gábor Farkas <gabor at nekomancer.net>:
>
>> is PIL's image-format-detection purely filename-extension based?
>> i mean, what happens if i take the problematic file, and rename it
>> to have a jpeg-extension... will PIL not try the other file-format-plugins,
>> when jpeg fails?
>
> No, PIL won'.t It isn't brilliant but that's how it works. Try and think through the converse: this could be JPEG but I'll work my way through the alternatives till I'm sure. In your situation it seems perfectly reasonable to expect the MIME-type to be available, so you can enforce it in the form handling.
>
> Charlie
> --
> Charlie Clark
> Managing Director
> Clark Consulting & Research
> German Office
> Helmholtzstr. 20
> Düsseldorf
> D- 40215
> Tel: +49-211-600-3657
> Mobile: +49-178-782-6226
> _______________________________________________
> Image-SIG maillist - Image-SIG at python.org
> http://mail.python.org/mailman/listinfo/image-sig
More information about the Image-SIG
mailing list