LiveView file uploads, ImageMagick and security

Allow_upload/3 allows you to list file type specifiers you’ll accept as uploads, but I can’t find information whether this list is checked against the file header or the file name. For example, will a malicious file that is just named “innocent_file.jpg” be accepted?

I’m thinking of using ImageMagick, but I’m concerned about giving uploads to it without proper filtering and I’m wondering if I’ll have to do the filtering myself. If I have to do it myself, are there any good libraries for it?

It is checking against file extensions… but You have tools to detect the real file type.


In general, using a proper library or system command would probably be better, but since my use case is very limited (check if an image is an image), I chose to create a couple of functions to check the file signatures. I’m posting them here in case they are of use to someone and obviously if someone sees an issue with them, criticism is always welcome.

def file_signature_matches?(:png, file_path) do
  read_bytes(file_path, 8) == "89504E470D0A1A0A"

defp read_bytes(file_path, num) do
  |>!([], num)
  |> Enum.take(1)
  |> List.first()
  |> Base.encode16()

The Enum.take/2 and List.first/1 are a bit wonky looking, but I couldn’t figure out a better way to get stuff out of the stream.