tovisbratsburg's avatar

Allowing .zip Files to be Uploaded

I have .zip files blacklisted among other file types on a website uploader because they may contain malicious files or a .zip bomb. Is there a safe way to allow .zip files to be uploaded, or is it safe and I am just thinking it's not?

0 likes
11 replies
tovisbratsburg's avatar

Files to print. The website I created automatically zips all of the whitelisted files and sends them to a Google Cloud Bucket. The thing is, in the large format print industry people are used to handing over files that are zipped already. InDesign files in particular are usually sent with linked files that folks zip.

tovisbratsburg's avatar

I sort of have this: it uploads whitelisted files into a temporary folder. After 5 min it zips the files they uploaded, after another 5 minutes it sends that zipped folder to the cloud bucket and notifies production a folder is ready, and a week later it cleans them from the temp folder.

Maybe I am worried about nothing, just a lot of things say be very careful allowing people to upload certain file types.

aurawindsurfing's avatar

@tovisbratsburg You said they want to upload zip files but here you say that you actually zip them:

"After 5 min it zips the files they uploaded"

If that is the case then the whole question does not make sense. Just do not allow them to upload zip files and that is it. No headache for you.

tovisbratsburg's avatar

For the user, zipping the files for upload reduces file size for transfer and is generally done when FTPing or emailing InDesign to keep them together.

I am going to explore ClamAV.

Ap3twe's avatar

I am confused.

"I have .zip files blacklisted among other file types"

You blacklisted zip files. Why don't you whitelist it again if you want it?

And do validation on the other types of files. You can even set a max size limit on the zip files.

tovisbratsburg's avatar

"They may contain malicious files or a .zip bomb." I'd like the ability to scan them or figure out a way to make sure they are not a threat.
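
One way to vet an uploaded .zip before extracting it, as an added example that is not part of the original thread: a Python sketch that reads only the archive directory and rejects unsafe paths, encrypted entries, non-allowlisted extensions (including nested archives) and zip-bomb-like sizes. The limits, the extension list and the function name `inspect_zip` are assumptions for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed policy values for this sketch; tune them to the real print jobs.
MAX_ENTRIES = 500
MAX_TOTAL_BYTES = 2 * 1024**3   # cap on total declared uncompressed size
MAX_RATIO = 100                 # declared uncompressed / compressed, per entry
ALLOWED_EXT = {".indd", ".pdf", ".ai", ".psd", ".tif", ".jpg", ".png", ".otf", ".ttf"}

def inspect_zip(fileobj):
    """Return a list of policy violations; an empty list means the archive passed."""
    try:
        zf = zipfile.ZipFile(fileobj)
    except zipfile.BadZipFile:
        return ["not a valid zip archive"]
    problems, total = [], 0
    with zf:
        infos = zf.infolist()   # reads the directory only, nothing is decompressed
        if len(infos) > MAX_ENTRIES:
            problems.append(f"too many entries: {len(infos)}")
        for info in infos:
            name = info.filename
            path = PurePosixPath(name.replace("\\", "/"))
            if path.is_absolute() or ".." in path.parts or ":" in name:
                problems.append(f"unsafe path: {name}")
            if info.flag_bits & 0x1:   # encrypted entries cannot be virus-scanned
                problems.append(f"encrypted entry: {name}")
            if info.is_dir():
                continue
            # The allowlist also rejects nested archives such as .zip inside .zip.
            if path.suffix.lower() not in ALLOWED_EXT:
                problems.append(f"extension not allowed: {name}")
            if info.file_size > MAX_RATIO * max(info.compress_size, 1):
                problems.append(f"suspicious compression ratio: {name}")
            total += info.file_size
        if total > MAX_TOTAL_BYTES:
            problems.append(f"declared size too large: {total} bytes")
    return problems

if __name__ == "__main__":
    # Constructed sample: one highly compressible entry, built in memory.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("job/filler.pdf", b"\0" * 5_000_000)
    buf.seek(0)
    print(inspect_zip(buf))
```

The sizes checked here are the values the archive declares about itself, so keep a byte cap in place while extracting as well. Archives that pass can then be extracted to the temporary folder and scanned with ClamAV, which the thread mentions, before they are sent on.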