search

imazen / imageflow-dotnet-server

A super-fast image server to speed up your site - deploy as a microservice, serverless, or embeddable.
https://docs.imageflow.io
GNU Affero General Public License v3.0
252 stars 33 forks source link

Meaning of "Production-ready for trusted image files" #50

Open gushonorato opened 3 years ago

gushonorato commented 3 years ago

I'm ready to replace my ImageMagick backend to imageflow, but I'm worried about "Production-ready for trusted image files" I read in docs. What that means? In my use case, imageflow will serve images uploaded by users. Is it safe to use imageflow in this case?

lilith commented 3 years ago

Imageflow hasn't been audited by a third party firm for use with untrusted image files, thus the statement. That said, it's almost certainly safer than ImageMagick (check the rate of CVEs for ImageMagick).

On Wed, Jul 28, 2021, 4:52 PM Gustavo Honorato @.***> wrote:

I'm ready to replace my ImageMagick backend to imageflow, but I'm worried about "Production-ready for trusted image files". What that means? In my use case, imageflow will serve images uploaded by users. Is it safe to use imageflow in this case?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/imazen/imageflow-dotnet-server/issues/50, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAA2LH3IRQWNGC225HLTHX3T2CCZDANCNFSM5BFI4BOA .