user154's avatar

File Upload Vulnerability

I read about File Upload Vulnerability in this article https://securinglaravel.com/p/laravel-security-file-upload-vulnerability

here it is said to reduce the vulnerability by using the following line of code:

$request->photo->extension();

then I tried to look into laravel documentation and I found the following code:

$request->photo->hashName()

that code already generates a random name and includes the extension of the uploaded file, is this code safe to use or better to use something like this?

$filename = Hash::make($request->photo).'.'.$request->photo->extension();
0 likes
2 replies

Please or to participate in this conversation.