brainlid

brainlid

Can Phoenix Safely use the Zip Module?

Elixir has a built-in Zip library that comes with OTP. This post explores how to use the zip module and asks the important question: “Is this safe to use with user provided zips?” We explore two different types of zip-based attacks and see what we learn from it.

Where Next?

Popular Backend topics Top

New
New
Rainer
Just wrote a short post, more a memo to myself, but maybe someone find it useful :stuck_out_tongue: https://dwarfte.ch/2021/02/03/giving...
New
paulanthonywilson
So you’re enjoying using WebSockets with Elixir’s Phoenix Framework, and you want to send some binary messages. Maybe it’s an audio clip,...
New
paulanthonywilson
I had a bit of a mini-adventure following Sobelow’s advice on adding a CSP to a Phoenix App. If you want to follow along, or want to add ...
New
First poster: bot
Over the last few years, due in large part to the hype surrounding blockchain and cryptocurrencies, decentralized applications have gaine...
New
First poster: bot
This post explains why Scala projects are difficult to maintain. Scala is a powerful programming language that can make certain small te...
New
First poster: bot
At Grammarly, the foundation of our business, our core grammar engine, is written in Common Lisp. It currently processes more than a thou...
New
First poster: bot
I wrote Python for the last 10 years, and I always tend to write code in a “functional” way - map, filter, lambda and so on, it makes me ...
New
RudManusachi
Hi there! Recently I was playing around with extracting and updating data in the DB and for fun challenged myself to try to implement a ...
New

Other popular topics Top

PragmaticBookshelf
Design and develop sophisticated 2D games that are as much fun to make as they are to play. From particle effects and pathfinding to soci...
New
AstonJ
SpaceVim seems to be gaining in features and popularity and I just wondered how it compares with SpaceMacs in 2020 - anyone have any thou...
New
New
AstonJ
Saw this on TikTok of all places! :lol: Anyone heard of them before? Lite:
New
AstonJ
Biggest jackpot ever apparently! :upside_down_face: I don’t (usually) gamble/play the lottery, but working on a program to predict the...
New
foxtrottwist
A few weeks ago I started using Warp a terminal written in rust. Though in it’s current state of development there are a few caveats (tab...
New
PragmaticBookshelf
Build efficient applications that exploit the unique benefits of a pure functional language, learning from an engineer who uses Haskell t...
New
Help
I am trying to crate a game for the Nintendo switch, I wanted to use Java as I am comfortable with that programming language. Can you use...
New
husaindevelop
Inside our android webview app, we are trying to paste the copied content from another app eg (notes) using navigator.clipboard.readtext ...
New
NewsBot
Node.js v22.14.0 has been released. Link: Release 2025-02-11, Version 22.14.0 'Jod' (LTS), @aduh95 · nodejs/node · GitHub
New