Sanitize file upload form & input

**This issue is NOT open for anyone to take but I am open to and welcome any and all suggestions.**

Currently, the upload form does not validate files being uploaded and leaves this app vulnerable.

# Tasks

The upload form should only allow XML files

The upload form should validate the XML file for any illegal characters/non-XML syntax.

- [x] Only allow XML files
- [ ] Validate XML files
- [ ] Protect app from XML based attacks

# Resources
- **OPSWAT An In-Depth Look at XML Document Attack Vectors**: https://www.opswat.com/blog/depth-look-xml-document-attack-vectors

- **OWASP XML External Entity Injection (XXE) Cheat Sheet**: https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.md

- **OWASP XML Security Cheat Sheet**: https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/XML_Security_Cheat_Sheet.md

- **OWASP XML Based Attacks PDF**: https://www.owasp.org/images/5/58/XML_Based_Attacks_-_OWASP.pdf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Sanitize file upload form & input #4

Tasks

Resources

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Sanitize file upload form & input #4

Description

Tasks

Resources

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions