According to How to inject executable, malicious code into PDF, JPEG, MP3, etc.? metadata can contain malicious code
I am working on an app that handles sensitive sales information, and there is a part where the user can upload a sound for a personal jingle (won't give more details about that) A manager user can edit and download the sound file, we are using html5 tag
- Should I clean the audio file metadata?
- Is there a way to do this programmatically?
The project uses C# as back-end, Azure services, HTML5 with js.
Aucun commentaire:
Enregistrer un commentaire