On 5/9/2012 09:59, Felipe Monteiro de Carvalho wrote:
On Wed, May 9, 2012 at 2:46 PM, waldo kitty<[email protected]> wrote:
wouldn't it be better to use mimemagic instead of relying on the file's
extension?
You mean opening the file and reading the first bytes?
yes, it is the best way... but not all are at the beginning, either...
For my use case that's an over complication, and subject to multiple
possible errors:
Permission errors for example. Not really nice.
true... but then the user wouldn't have access to those files, either...
correct?
I am implementing LCLIntf.OpenDocument and LCLIntf.OpenURL for
Android, and here it might be good to just let whatever app that is
choosen handle the file and never open it myself.
ahhh, yes... that would be the easiest...
i can easily name foo.gif as foo.txt and those systems that do properly look
Though luck of whoever changed the extension. That makes choosing the
file in dialogs also problematic. I don't care about this use case.
understood... it has been used in exploits, though... especially in the
winwhatever world and is still used quite regularly... those of us in the
security world have network traffic sniffers specifically looking for traffic
that says it is one mime type yet the file extension says it is another and
finally the magic numbers say it is something else altogether... this traffic is
definitely red flag traffic and warrants a deeper look...
--
_______________________________________________
Lazarus mailing list
[email protected]
http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
