In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-28 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >
Share
Shulou(Shulou.com)06/01 Report--
This article mainly explains the "Golang how to limit Trojan picture upload server", the content of the article is simple and clear, easy to learn and understand, the following please follow the editor's ideas slowly in depth, together to study and learn "Golang how to limit Trojan picture upload server" bar!
Project background
We have developed a cloud object storage service to store all the file resources in a project.
problem
In the security test, I encountered a problem: unable to limit the Trojan virus simulated picture file to upload. A file that looks like a picture suffix is actually a Trojan script. For example, the image file: muma.jpeg, we use the UltraEdit editor to open this file, the content of the file is shown in the following figure:
However, the contents of a normal jpeg image file are shown in the following figure:
Solve
So how to solve this problem? There is no doubt that what we need to do is to distinguish between real pictures and Trojans.
After a fierce investigation, I finally found a solution, which is to use the standard library of Golang language-image.
However, there is a problem, the image library does not support all image types of verification, currently only supports jpeg, gif, png image format. We encapsulate a method and support the authenticity verification of three image formats at the same time.
The reference code is as follows:
Func CheckImageFile (path, style string) (string, error) {f, err: = os.Open (path) if err! = nil {fmt.Errorf ("failed to open file% s", err.Error ())} switch strings.ToUpper (style) {case "JPG", "JPEG": _ Err = jpeg.Decode (f) case "PNG": _, err = png.Decode (f) case "GIF": _, err = gif.Decode (f)} if err! = nil {fmt.Errorf ("failed to verify file type% s", err.Error ()) return "" Err} return "", nil}
When calling the above method, you only need to pass in the image path and suffix type to verify the authenticity of the file. Very convenient, I have verified and passed.
Thank you for your reading, the above is the content of "Golang how to restrict Trojan picture upload server". After the study of this article, I believe you have a deeper understanding of how Golang limits Trojan picture upload server, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 288
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.