Mike, Werkzeug has this:
http://werkzeug.pocoo.org/documentation/0.5.1/utils.html#werkzeug.secure_filename On Oct 9, 8:16 pm, Mike Orr <sluggos...@gmail.com> wrote: > What would be a good filename-sanitizing helper for file uploads? > Currently I'm doing: > > - Strip directory prefix. > - If filename contains "\\" (Windows directory prefix), strip through > the rightmost backslash. > - Convert all non-basic characters to "_". Basic characters are > "A-Za-z0-9._-". > > I'm not sure what to check the extension against. I don't want to > exclude any possibly-legitimate multimedia extensions, including > archaic or obscure formats. I'm not sure whether to allow multiple > dots. On the one hand, things like *.gif.exe are evil. On the other > hand, things like "myname.2009-10-22.utf8.txt" are not. > > I looked in WebHelpers and did not find anything, so I think a > filename-sanitizing helper is needed. > > -- > Mike Orr <sluggos...@gmail.com> --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-devel" group. To post to this group, send email to pylons-devel@googlegroups.com To unsubscribe from this group, send email to pylons-devel+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/pylons-devel?hl=en -~----------~----~----~----~------~----~------~--~---
