What would be a good filename-sanitizing helper for file uploads? Currently I'm doing:
- Strip directory prefix. - If filename contains "\\" (Windows directory prefix), strip through the rightmost backslash. - Convert all non-basic characters to "_". Basic characters are "A-Za-z0-9._-". I'm not sure what to check the extension against. I don't want to exclude any possibly-legitimate multimedia extensions, including archaic or obscure formats. I'm not sure whether to allow multiple dots. On the one hand, things like *.gif.exe are evil. On the other hand, things like "myname.2009-10-22.utf8.txt" are not. I looked in WebHelpers and did not find anything, so I think a filename-sanitizing helper is needed. -- Mike Orr <sluggos...@gmail.com> --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-devel" group. To post to this group, send email to pylons-devel@googlegroups.com To unsubscribe from this group, send email to pylons-devel+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/pylons-devel?hl=en -~----------~----~----~----~------~----~------~--~---
