Open ic-hv opened 3 years ago
[TASK] Allowed file-endings should not only get checked on the client-side but also on the server-side
Remember: Checks on client-side may easily be circumvented by opening up javascript console and doing this for example: $ allowed_ext.push("php")
[TASK] Allowed file-endings should not only get checked on the client-side but also on the server-side
Remember: Checks on client-side may easily be circumvented by opening up javascript console and doing this for example: $ allowed_ext.push("php")