Nginx and uploads

Valentin V. Bartenev ne at
Wed Aug 29 11:04:47 UTC 2012

On Tuesday 28 August 2012 19:02:31 w00t wrote:
> This seems odd. If it wasn't meant for Nginx to process uploaded files,
> then it couldn't have processed them by itself.

You should do this task in your application and it's not odd (see below why).

> So I am inclined to think that there must be a way to set the filename
> without going to such lenghts as to change the code.

Just rename the uploaded file is not enough. You also need to validate its 
content. Otherwise, you will open a potential security hole in your server.

 wbr, Valentin V. Bartenev

More information about the nginx mailing list