laravel-at / laravel-image-sanitize
A small but handy package to prevent malicious code execution coming into your application through uploaded image files.
Installs: 36 235
Dependents: 0
Suggesters: 0
Security: 0
Stars: 229
Watchers: 14
Forks: 16
Open Issues: 1
Requires
- php: ^8.1
- ext-fileinfo: *
- illuminate/container: ^10.0|^11.0
- illuminate/contracts: ^10.0|^11.0
- illuminate/support: ^10.0|^11.0
- intervention/image: ^2.7|^3.4
Requires (Dev)
- orchestra/testbench: ^8.0|^9.0
README
It prevents malicious code execution!
This is a small but handy package to prevent malicious code execution coming into your application through uploaded images. It was created after being inspired by @appelsiini's talk on How to Hack your Laravel Application
Installation
You can install the package via composer:
composer require laravel-at/laravel-image-sanitize
Usage
Register the ImageSanitizeMiddleware
in your App\Http\Kernel
class
protected $routeMiddleware = [ // ... 'image-sanitize' => \LaravelAt\ImageSanitize\ImageSanitizeMiddleware::class, ];
Then, just use it in your Controller's constructor
public function __construct() { $this->middleware('image-sanitize'); }
Or use it in your routes/web.php
file
Route::post('/files', 'FileController@upload') ->name('file.upload') ->middleware(['image-sanitize']);
If you want to learn more about middlewares
, please check out the official Laravel documentation
Testing
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security
If you discover any security related issues, please email adrian@nuernberger.me instead of using the issue tracker.
Credits
- Adrian Nürnberger
- Mathias Onea
- Logo by Caneco
License
The MIT License (MIT). Please see License File for more information.