GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → mixkorshun → django-safe-filefield

mixkorshun / django-safe-filefield

Licence: MIT license
Secure file field, which allows you to restrict uploaded file extensions.

Programming Languages

python
139335 projects - #7 most used programming language

Labels

djangoformsmodel

Projects that are alternatives of or similar to django-safe-filefield

blender-importer-unity
A tool to fix orientation issues from Blender to Unity
Stars: ✭ 23 (-43.9%)
Mutual labels:  model
boxdetect
BoxDetect is a Python package based on OpenCV which allows you to easily detect rectangular shapes like character or checkbox boxes on scanned forms.
Stars: ✭ 46 (+12.2%)
Mutual labels:  forms
ElasticModels
ElasticModels is a elasticsearch object modeling tool designed to work in and asynchronous environment. Builded for official elasticsearch client library Main inspiration was mongoose project
Stars: ✭ 13 (-68.29%)
Mutual labels:  model
PureForm
No description or website provided.
Stars: ✭ 22 (-46.34%)
Mutual labels:  forms
sweetconfirm.js
👌A useful zero-dependencies, less than 434 Bytes (gzipped), pure JavaScript & CSS solution for drop an annoying pop-ups confirming the submission of form in your web apps.
Stars: ✭ 34 (-17.07%)
Mutual labels:  forms
hephaestus-engine
Render, animate and interact with custom entity models in Minecraft: Java Edition servers
Stars: ✭ 77 (+87.8%)
Mutual labels:  model
hookahjs
Add empty/dirty/touched CSS hooks to input and textarea elements automatically (1056 bytes)
Stars: ✭ 21 (-48.78%)
Mutual labels:  forms
live-form-validation
⛔ Nice client-side live form validation for Nette Forms.
Stars: ✭ 55 (+34.15%)
Mutual labels:  forms
laravel-record
What if Laravel's Collection and Model classes had a baby?
Stars: ✭ 21 (-48.78%)
Mutual labels:  model
mcnp
📊复杂网络建模课程设计. The project of modeling of complex networks course.
Stars: ✭ 69 (+68.29%)
Mutual labels:  model
Faker.Portable
C# faked data generation for testing and prototyping purpose.
Stars: ✭ 12 (-70.73%)
Mutual labels:  model
ethereum-economic-model
A modular dynamical-systems model of Ethereum's validator economics
Stars: ✭ 79 (+92.68%)
Mutual labels:  model
form.js
🖍️ Automagic forms.
Stars: ✭ 16 (-60.98%)
Mutual labels:  forms
Apollo
A basic Application with multiple functionalities built with FastAPI aim to help Users Buy New Items Provided using PaypalAPI 🚀
Stars: ✭ 22 (-46.34%)
Mutual labels:  model
laravel-route-model-autobinding
THIS PACKAGE HAS BEEN DEPRECATED — Automatically bind Eloquent models as route segment variables.
Stars: ✭ 14 (-65.85%)
Mutual labels:  model
dokuwiki-plugin-bureaucracy
Create forms and generate pages or emails from them
Stars: ✭ 43 (+4.88%)
Mutual labels:  forms
i7n-pdfhtml
pdfHTML is an iText 7 add-on for C# (.NET) that allows you to easily convert HTML and CSS into standards compliant PDFs that are accessible, searchable and usable for indexing.
Stars: ✭ 111 (+170.73%)
Mutual labels:  forms
ember-formly
JavaScript powered forms for Ember
Stars: ✭ 24 (-41.46%)
Mutual labels:  forms
vue-use-form
✅ A Vue.js composition API function to validate forms
Stars: ✭ 97 (+136.59%)
Mutual labels:  forms
database-all
Eloquent ORM for Java 【database-spring-boot-starter】
Stars: ✭ 151 (+268.29%)
Mutual labels:  model
View All Similar Projects ➔

django-safe-filefield

build status code coverage pypi pep8 MIT

Secure file field, which allows you to restrict uploaded file extensions. It may be useful for user-uploaded files (attachments).

This package adds model and forms field. What this fields does:

  • restricts allowed file extensions (for example: only *.pdf files)
  • checks file extensions is correct for sent content-type
  • checks sent content type is correct for file content (detects by libmagic)
  • checks uploaded file with anti-virus software

Installation

The package can be installed using:

pip install django-safe-filefield

Add the following settings:

INSTALLED_APPS += [
    'safe_filefield',
]

django-safe-filefield requires libmagic to be installed.

Usage

Simply add field to your model:

from safe_filefield.models import SafeFileField

class MyModel(models.Model):

    attachment = SafeFileField(
        allowed_extensions=('xls', 'xlsx', 'csv')
    )

Or directly to your form:

from safe_filefield.forms import SafeFileField

class MyForm(forms.Form):

    attachment = SafeFileField(
        allowed_extensions=('xls', 'xlsx', 'csv')
    )

Content type checking

To check actual file content type, use check_content_type argument. This will prevent attacker from uploading malicious file just by changing its extension.

class MyForm(forms.Form):
    attachment = SafeFileField(
        check_content_type=True
    )

ClamAV support

Note

To use this functionality you should have clamd daemon.

This package has ability to check uploaded file with ClamAV antivirus.

To use anti-virus protection simply enable it in your form or model definition:

from safe_filefield.forms import SafeFileField

class MyForm(forms.Form):
    attachment = SafeFileField(
        scan_viruses=True,
    )

You can configure some ClamAV settings:

CLAMAV_SOCKET = 'unix://tmp/clamav.sock'  # or tcp://127.0.0.1:3310

CLAMAV_TIMEOUT = 30  # 30 seconds timeout, None by default which means infinite

Contributing

If you have any valuable contribution, suggestion or idea, please let me know as well because I will look into it.

Pull requests are welcome.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].