On Sat, Aug 14, 2010 at 10:36:07PM +0200, Sebastian Ewert wrote: > Hi, > > before I allow to upload images I read them and check for several html > tags. If they exist I don't allow the upload. Is their any need to check > pdf files, too? At the time I'm doing this, but the result is that many > files are denied because of unallowed html tags. If I'm not mistaken, more recent versions of the PDF spec allow for embedded javascript. If so, it might be worthwhile to check for javascript in PDFs. (Whoever first thought of embedding *code* in documents should be shot.) Paul -- Paul M. Foster -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
