Client restrictions
1, by the maximum upload file hidden form field limits the
<input type = name = 'MAX_FILE_SIZE ' VALUE = ' bytes' 'hidden' />
limit upload file type accept attribute
<input type = 'file' name = 'myFile' accept = 'MIME type of the file "/>
2, to limit the client, users can upload the modified code on the page, so that no practical significance. Should be limited on the server side
Limit upload file size
limit upload file type
to detect whether the real image type
whether as HTTP POST upload mode detection
All of the above can be added to limit the guarantee uploaded security guaranteed
Articles from http://www.96net.com.cn/