Y
Hacker News
new
|
ask
|
show
|
jobs
by
_def
8 days ago
They checked mime type for upload validation. Obviously the server request handler was configured to pass files to php, that was the whole point of the story.