How to Secure File Uploads: Essential Practices for Developers
This article outlines essential security practices for handling file uploads, including type whitelisting, safe filename generation, checksum verification, size limits, access restrictions, and audit logging, helping developers prevent common vulnerabilities and protect their systems.
1. Introduction
File upload is common in development, but its security risks are often overlooked, leading to vulnerabilities.
2. Security Recommendations for File Upload Development
Since uploaded files are controlled by the client, attackers can exploit them. The following recommendations help mitigate risks.
File Type Filtering
Developers should maintain a whitelist of allowed file types, avoid accepting arbitrary filenames or extensions, and clearly document the allowed list on the front end.
File Name Handling
Never use the original filename. Instead generate a new name, e.g., using a hash (MD5) combined with a timestamp, to prevent script injection.
// Spring Boot development: avoid using the original filename
String originalFilename = file.getOriginalFilename(); // file is the uploaded MultipartFile instance
Even though characters like /, :, <, >, ? are filtered, others such as . * % $ can still appear in filenames, so renaming is essential.
If the business requires the original filename, store a mapping between the new name and the original.
Checksum Verification
Both upload and download operations should verify file checksums (MD5, SHA256) on the server, and optionally on the client.
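The type whitelist, filename handling and checksum points above, combined in one added example that is not code from the original article. It uses only the JDK (Java 17+ for HexFormat); the class, field and method names are hypothetical, and it uses SHA-256 for both the checksum and the generated name where the article suggests MD5 for the name.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HexFormat;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

// Added example: SafeUpload, ALLOWED, nameIndex and accept are hypothetical names.
public class SafeUpload {
    // Whitelist of extensions; the stored extension is taken from here, never from the client.
    private static final Set<String> ALLOWED = Set.of("png", "jpg", "pdf");
    // Stored name -> original name; a database table in a real service.
    private final Map<String, String> nameIndex = new ConcurrentHashMap<>();

    static String sha256Hex(byte[] data) throws NoSuchAlgorithmException {
        return HexFormat.of().formatHex(MessageDigest.getInstance("SHA-256").digest(data));
    }

    // Returns the server-generated name, or throws if the upload is rejected.
    String accept(String originalFilename, byte[] content, String clientSha256)
            throws NoSuchAlgorithmException {
        if (originalFilename == null || clientSha256 == null)
            throw new IllegalArgumentException("missing filename or checksum");
        int dot = originalFilename.lastIndexOf('.');
        String ext = dot < 0 ? "" : originalFilename.substring(dot + 1).toLowerCase(Locale.ROOT);
        if (!ALLOWED.contains(ext)) throw new IllegalArgumentException("type not allowed");
        String digest = sha256Hex(content);
        // Compare the digest computed on the server with the one the client sent.
        if (!MessageDigest.isEqual(digest.getBytes(StandardCharsets.US_ASCII),
                clientSha256.toLowerCase(Locale.ROOT).getBytes(StandardCharsets.US_ASCII)))
            throw new IllegalArgumentException("checksum mismatch");
        String stored = digest + "_" + System.currentTimeMillis() + "." + ext;
        nameIndex.put(stored, originalFilename); // original kept as data only, never as a path
        return stored;
    }

    public static void main(String[] args) throws Exception {
        SafeUpload uploads = new SafeUpload();
        byte[] body = "constructed sample bytes".getBytes(StandardCharsets.UTF_8);
        String sum = sha256Hex(body);
        // Constructed inputs: an odd-looking name with an allowed extension, then a script file.
        System.out.println(uploads.accept("../../report%00.PDF", body, sum));
        try { uploads.accept("shell.jsp", body, sum); }
        catch (IllegalArgumentException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

The extension check here is only the whitelist step; it does not inspect file content.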
Size Limitation
Enforce size limits (Spring can do this). If business needs exceed the limit, adjust carefully but never remove the restriction.
Access Control
Only authenticated and authorized users should be allowed to upload files; otherwise the system becomes an open image host.
Audit Logging
Record upload actions in audit logs that are independent of the file system to facilitate incident investigation.
3. Conclusion
While many security points exist, for typical development using third‑party storage, following the above measures is sufficient.
Programmer DD
A tinkering programmer and author of "Spring Cloud Microservices in Action"
