Securing Image Uploads

This website contains links to software which is either no longer maintained or will be supported only until the end of 2019 (CKFinder 2). For the latest documentation about current CKSource projects, including software like CKEditor 4/CKEditor 5, CKFinder 3, Cloud Services, Letters, Accessibility Checker, please visit the new documentation website.

If you look for an information about very old versions of CKEditor, FCKeditor and CKFinder check also the CKEditor forum, which was closed in 2015. If not, please head to StackOverflow for support.

Sometimes a user can try to upload a file which is not an image file but appears to be one. Example: You have a text file called document.jpeg and you try to upload it. You can enable the image checking function by setting it to true in the following way:

CKFinder_Config.Add "SecureImageUploads", true

With this configuration the program will check the dimensions of the file. If they equal zero, then the file is considered to not be an image and it will be rejected be CKFinder.

This page was last edited on 29 March 2011, at 13:30.