Extra Notes on Security Measures
Posted: 23 June, 2025
| Measure | Action Taken |
|---|---|
| i. Restrict file types | Validated only JPEG, PNG, WEBP |
| ii. Content validation | Used finfo to inspect real MIME type |
| iii. File size | Enforced 2MB max via byte length |
| iv. File name sanitization | Used UUID + extension, no user input |
| v. Non-public storage | Files stored under storage/app/uploads/news |
| vi. Validate before save | Decoded & validated before writing |
| vii. Use Laravel tools | Used Laravel validation + helpers |
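
The measures in the table combined into one function, as an added example that is not the original author's code. It assumes the image arrives as a base64 string (the table mentions decoding before writing); `storeNewsImage` is a hypothetical name, and the file is written with plain PHP under Laravel's `storage_path()` rather than through a configured Storage disk.

```php
<?php
use Illuminate\Support\Str;

/**
 * Hypothetical helper: validate a base64-encoded image, then store it.
 * Returns the stored relative path; throws on any rejected input.
 */
function storeNewsImage(string $base64): string
{
    // (i) Allowed real MIME types, mapped to the extension we assign ourselves.
    $allowed = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/webp' => 'webp'];
    $maxBytes = 2 * 1024 * 1024; // 2MB taken as 2 * 1024 * 1024 bytes (assumption)

    // Drop an optional data-URI prefix; the type declared there is never trusted.
    $payload = preg_replace('#^data:[^;,]+;base64,#', '', $base64) ?? '';

    // (vi) Decode in strict mode so characters outside the base64 alphabet fail.
    $bytes = base64_decode($payload, true);
    if ($bytes === false || $bytes === '') {
        throw new InvalidArgumentException('Payload is not valid base64.');
    }

    // (iii) Size limit checked on the decoded byte length, not the encoded string.
    if (strlen($bytes) > $maxBytes) {
        throw new InvalidArgumentException('File exceeds 2MB.');
    }

    // (ii) finfo inspects the bytes themselves, not a client-supplied header.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->buffer($bytes);
    if ($mime === false || !isset($allowed[$mime])) {
        throw new InvalidArgumentException('Only JPEG, PNG and WEBP are accepted.');
    }

    // (iv) Name is a UUID plus an extension derived from the detected type.
    $name = Str::uuid()->toString() . '.' . $allowed[$mime];

    // (v) Written outside the public web root, only after every check passed.
    $dir = storage_path('app/uploads/news');
    if (!is_dir($dir) && !mkdir($dir, 0750, true) && !is_dir($dir)) {
        throw new RuntimeException('Cannot create upload directory.');
    }
    if (file_put_contents($dir . '/' . $name, $bytes, LOCK_EX) === false) {
        throw new RuntimeException('Could not write upload.');
    }
    return 'uploads/news/' . $name;
}
```

Because the extension comes from the detected MIME type and the name from a UUID, no part of the stored path is influenced by the uploader.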