mime-type filtering
J. Lambrecht
21 August 2015, 11:52
I hope this is no extraneous request. Is it possible to have Hiawatha validate for return and/or request traffic to contain just the mime-types permitted for a specific URL or resource (file , page)?
This to avoid, should content become contaminated, executable content could be offered for download where for example only text or images should be allowed.
By extension, if Hiawatha could adapt this enforcement based on the content-type of the HTML, that could prove awesome.
See also the "signed content" feature request.
Hugo Leisink
21 August 2015, 12:13
Checking for the content to match the mimetype is not really possible. A valid JPG can still contain an exploit. Hiawatha can however protect content from being changed. Check the FileHashes option.
J. Lambrecht
29 August 2015, 11:19
True, thanks for the FileHashes hint.
J. Lambrecht
29 August 2015, 11:22
I should really make time to read Manual pages again. There's much more there then when i started. Great feature it is.
This topic has been closed.