Saving images to webserver
Richard Gaskin
ambassador at fourthworld.com
Tue Nov 15 12:37:37 EST 2016
John Allijn wrote:
> I found this thread on the forums:
> http://forums.livecode.com/viewtopic.php?f=11&t=19042
> If you scroll down, you see the solution at the bottom of the page.
> Works perfectly!
> The data that I am sending (pictures of public buildings) isn’t very
> risky. So I’ll stick with this solution. Maybe a more secure way
> presents itself in the future :)
Good call.
REST APIs over HTTP are an excellent default choice, where other options
may become relevant if for some reason a REST API cannot be used.
FTP is indeed too dangerous for anyone to use, and SFTP only secures the
transmission but does not alter the role of FTP as a means of providing
ad hoc traversal of a file repository.
Of course if that's what you want that's what you should use. But it's
often helpful to keep in mind the security principle of Least
Privileges: only provide as much access as a given task truly requires.
When the goal is to move specific data to a specific location, a REST
API allows you control over what can and can't be done. It serves as a
gatekeeper, allowing you to examine incoming data to ensure that what's
being sent is what's expected, providing an opportunity to sanitize as
needed.
For example, an image will have a file name, and with FTP/SFTP that file
name can be any string that resolves to a valid location on the server.
The file path could be "~/public_html/something.jpg.php", and once
installed if the file contains PHP code it could be executable from
anywhere in the world.
A REST API gives you the opportunity to reject file names that include
"/", and those with any suffix anywhere in the string which may trigger
execution, like ".php" or ".lc" (Apache doesn't care if it's the only
file name extension, or even the last; if configured to handle PHP or
other scripting engine it'll execute it when requested just the same).
You could go even further to ensure the ostensible file data also
includes the "magic number" header that should be present in an image
file of a given type, though there are reasons why that alone still
won't be sufficient, and if you've already blocked arbitrary file
locations that risk has already been mitigated.
HTTP-based REST APIs make an excellent default choice, for their role as
gatekeeper. All systems are hackable, but at a minimum we want to use
common good practices to at least make it challenging for the bad guys
to get control of our servers. And as long as we keep Least Privileges
in mind as we type each line of code, with every decision we make along
the way our systems become just a little more hardened against attack.
--
Richard Gaskin
Fourth World Systems
Software Design and Development for the Desktop, Mobile, and the Web
____________________________________________________________________
Ambassador at FourthWorld.com http://www.FourthWorld.com
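
The gatekeeper checks described in the message above, as an added example that is not part of the original post or the linked forum solution: a Python function a REST upload handler could call before saving a file. The function names, the blocked suffixes other than ".php" and ".lc", and the set of accepted image types are assumptions.

```python
# Added example: file-name and content checks for an image-upload endpoint.
# BLOCKED_SUFFIXES beyond "php" and "lc" is an assumed list; extend it to
# match whatever handlers the web server is configured to run.
BLOCKED_SUFFIXES = {"php", "lc", "phtml", "cgi", "pl", "py"}

# Leading "magic number" bytes expected for each accepted image type.
MAGIC = {
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}


def check_upload(filename: str, data: bytes) -> str:
    """Return the file name if it passes every check, else raise ValueError."""
    # No path separators or NUL bytes: the client never chooses the location.
    if not filename or any(c in filename for c in "/\\\x00"):
        raise ValueError("file name must not contain path separators")
    if filename.startswith("."):
        raise ValueError("file name must not start with a dot")

    _stem, *suffixes = filename.lower().split(".")
    if not suffixes:
        raise ValueError("file name has no extension")
    # A script suffix anywhere in the name is enough for rejection,
    # not only when it is the last one.
    if any(s in BLOCKED_SUFFIXES for s in suffixes):
        raise ValueError("file name contains an executable suffix")

    ext = suffixes[-1]
    if ext not in MAGIC:
        raise ValueError("not an accepted image type")
    # Supplementary check only: a matching header does not prove the rest
    # of the file is harmless.
    if not data.startswith(MAGIC[ext]):
        raise ValueError("content does not match the image type")
    return filename


def is_accepted(filename: str, data: bytes) -> bool:
    """Boolean wrapper around check_upload for callers that only need yes/no."""
    try:
        check_upload(filename, data)
        return True
    except ValueError:
        return False
```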