我想验证 zip 文件是否包含任何“js”、“exe”、“JSON”文件
每当有这种类型的文件时,我都想处理它,而不是将相同的文件上传到 s3 存储桶。
const unzip = require('unzip'),
fs = require('fs'),
inputFileName = '/home/nn/Downloads/delete.zip'; // zip file path
fs.createReadStream(inputFileName)
.pipe(unzip.Parse())
.on('entry', (entry) => {
console.log(entry);
// how should i validate here
}
entry.autodrain();
});
最佳答案
您可以使用路径模块,并使用 extname(),它为您提供扩展名,然后使用包含检查您的易受攻击的扩展
const unzip = require('unzip'),
fs = require('fs'),
path = require('path'),
inputFileName = '/home/nayan/Downloads/delete.zip'; // zip file path
fs.createReadStream(inputFileName)
.pipe(unzip.Parse())
.on('entry', (entry) => {
const rest_file_path = ['.js', '.exe', '.zip'],
extension = path.extname(entry.path);
if (rest_file_path.includes(extension)) {
console.log(`Cant upload this zip file as it contains ${extension} file`) // you can handle it here and send a error response
}
entry.autodrain();
});
关于javascript - 在node js中查找,如果zip文件包含任何.js或.exe或.json格式,我想阻止这些类型的上传,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/56951392/