Securing anonymous image uploads

Sites like www.ebayclassifieds.com let users upload images in order to see thumbnail previews and make image adjustments before posting content. Visitors are able to upload images to those sites anonymously without any authorization beforehand.

Can the same type of image previews be done for a smaller site that has bandwidth and disk space constraints? I'd guess that one would set up a cron job to periodically delete images that were anonymously uploaded. But what are other measures that can be taken so that bandwidth usage and disk space don't get out of hand, in case someone tries to spam your site with bogus image uploads?

Answers


Here are some ideas off the top of my head:

  1. Use session state to keep track of uploaded files and delete them automatically when the session expires.
  2. Limit uploads per session/visitor (ie. one per anonymous visitor)
  3. Limit the maximum size of a file that can be uploaded.
  4. Limit image types to only those that are compressed (ie. don't allow BMPs)
  5. Scale the images down to a reasonable size as soon as they are uploaded. You probably don't need full size.

Need Your Help

Python web framework for I/O intensive page

python web frameworks io

I have a very I/O intensive task (it crawls webpages). I want to make this task available via a web API and built some JavaScript+HTML interface on top of it. And I want to do it in Python, since I

Scaling HTML/CSS to fit various monitors, is it possible?

html css mobile

I know SVG supports this. But I'm wondering if HTML/CSS can be scaled up and down, like an image to fit various monitors? For example, think an HTML5 phonegap based mobile app that just "works" on ...

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.