Hacker News
by SahAssar 1692 days ago
The most straightforward answer is to not process the upload at all, treat it as a binary blob. As for serving it as an image etc. on your site, have a strict CSP and turn off MIME sniffing (and don't allow SVG uploads as images).
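An added example, not part of the comment above: a Python sketch of that approach, storing the upload bytes untouched and choosing response headers at serve time. The function names, the in-memory `storage` dict, the allowlist and the per-response CSP value are assumptions made for illustration.

```python
import secrets

# Assumption: raster types this hypothetical site displays inline.
# image/svg+xml is deliberately absent, since SVG can carry script.
INLINE_IMAGE_TYPES = {"image/png", "image/jpeg", "image/gif", "image/webp"}


def store_upload(data: bytes, declared_type: str, storage: dict) -> str:
    """Keep the bytes exactly as received under a server-chosen id.

    Nothing is parsed, resized or re-encoded, so no image library ever
    touches untrusted input. The client's filename is never used.
    """
    blob_id = secrets.token_urlsafe(16)
    media_type = declared_type.split(";", 1)[0].strip().lower()
    storage[blob_id] = {"data": data, "declared_type": media_type}
    return blob_id


def response_headers(record: dict) -> dict:
    """Headers for serving a stored blob back to a browser."""
    inline = record["declared_type"] in INLINE_IMAGE_TYPES
    return {
        # Anything off the allowlist (SVG, HTML, unknown) becomes a download.
        "Content-Type": record["declared_type"] if inline
        else "application/octet-stream",
        "Content-Disposition": "inline" if inline
        else 'attachment; filename="download"',
        "Content-Length": str(len(record["data"])),
        # The browser must trust Content-Type and not guess from the bytes.
        "X-Content-Type-Options": "nosniff",
        # If the URL is opened directly, nothing in it may load or run.
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }


if __name__ == "__main__":
    # Constructed sample uploads: (bytes, type declared by the client).
    samples = [
        (b"\x89PNG\r\n\x1a\n" + b"\x00" * 8, "image/png"),
        (b"<svg xmlns='http://www.w3.org/2000/svg'></svg>", "image/svg+xml"),
        (b"<html><body>not an image</body></html>", "image/png"),
    ]
    storage = {}
    for data, declared in samples:
        headers = response_headers(storage[store_upload(data, declared, storage)])
        print(declared, "->", headers["Content-Type"], "/",
              headers["Content-Disposition"])
```

The third sample is HTML labelled as PNG: it is still sent as `image/png`, and with `nosniff` the browser will not reinterpret it as a document.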