5 articles

📰 Dev.to · Tommaso Bertocchi

Articles from Dev.to · Tommaso Bertocchi · 5 articles · Updated every 3 hours · View all reads

All ⚡ AI Lessons (10399) ArXiv cs.AIDev.to · FORUM WEBDev.to AIForbes InnovationOpenAI NewsHugging Face Blog
I Spent 3 Hours Adding Antivirus to My Express App. Then I Reduced It to 3 Lines.
Dev.to · Tommaso Bertocchi 1d ago
I Spent 3 Hours Adding Antivirus to My Express App. Then I Reduced It to 3 Lines.
Two years ago, I shipped my first production app with file uploads. A week later, my mentor asked:...
Read article → + Playlist
Most file upload security in Node.js is still just extension checks. That’s not enough. Pompelmi scans uploads before storage for MIME spoofing, risky archives, suspicious structures, and optional YARA. OSS, MIT. GitHub https://github.com/pompelmi/pompelmi
Dev.to · Tommaso Bertocchi 1w ago
Most file upload security in Node.js is still just extension checks. That’s not enough. Pompelmi scans uploads before storage for MIME spoofing, risky archives, suspicious structures, and optional YARA. OSS, MIT. GitHub https://github.com/pompelmi/pompelmi
...
Read article → + Playlist
How to Scan File Uploads in Express
Dev.to · Tommaso Bertocchi 2w ago
How to Scan File Uploads in Express
Many Express apps let users upload files. That usually starts as a product feature: profile...
Read article → + Playlist
This open-source tool scans uploads before they become a problem
Dev.to · Tommaso Bertocchi 3w ago
This open-source tool scans uploads before they become a problem
Most file upload flows are built for convenience first. A user selects a file. The backend checks...
Read article → + Playlist
Your File Upload Endpoint Is Part of Your Attack Surface
Dev.to · Tommaso Bertocchi 1mo ago
Your File Upload Endpoint Is Part of Your Attack Surface
Your File Upload Endpoint Is Part of Your Attack Surface Most file upload flows look safe...
Read article → + Playlist