A comprehensive file security system for validating uploads and preventing attacks
Project description
safeuploads
Secure file upload validation for Python 3.13+ applications. Catches dangerous filenames, malicious extensions, Windows reserved names, and compression-based attacks before you accept an upload.
Features
- Framework-agnostic async validation (FastAPI, generic)
- Filename sanitization and Unicode security checks
- Extension validation with configurable allow/block lists
- ZIP bomb detection and content inspection
- MIME type verification with signature validation
- Rich exception hierarchy for precise error handling
- Zero configuration required—secure defaults out of the box
Installation
pip install safeuploads
For FastAPI integration:
pip install safeuploads[fastapi]
Quick Start
from fastapi import FastAPI, UploadFile, HTTPException
from safeuploads import FileValidator
from safeuploads.exceptions import FileValidationError
app = FastAPI()
validator = FileValidator()
@app.post("/upload")
async def upload_image(file: UploadFile):
try:
await validator.validate_image_file(file)
except FileValidationError as e:
raise HTTPException(status_code=400, detail=str(e))
return {"status": "success", "filename": file.filename}
Configuration
from safeuploads import FileValidator, FileSecurityConfig
# Use default secure configuration
validator = FileValidator()
# Or customize limits
config = FileSecurityConfig()
config.limits.max_image_size = 10 * 1024 * 1024 # 10 MiB
config.limits.max_compression_ratio = 50
validator = FileValidator(config=config)
Exception Handling
from safeuploads.exceptions import (
FileValidationError, # Base exception
FileSizeError, # File too large
ExtensionSecurityError, # Dangerous extension
ZipBombError, # Compression attack
)
try:
await validator.validate_image_file(file)
except FileSizeError as err:
return {"error": "File too large", "max_size": err.max_size}
except ExtensionSecurityError as err:
return {"error": "File type not allowed", "extension": err.extension}
except FileValidationError as err:
return {"error": str(err), "code": err.error_code}
Current Status & Roadmap
What's Working
- Filename Security: Unicode normalization, directory traversal prevention, Windows reserved names blocking
- Extension Validation: Allow/block lists with configurable rules, dangerous extension detection
- Compression Security: ZIP bomb detection, nested archive inspection, size and ratio limits
- Content Inspection: Deep ZIP content analysis with configurable depth and entry limits
- MIME Type Verification: Magic number validation for common file types
- Rich Exception System: Machine-readable error codes with detailed context
Planned Improvements
Critical (Pre-1.0)
- Streaming Validation: Memory-efficient processing for large files to prevent resource exhaustion
- Resource Limits: CPU and memory monitoring during validation operations
- Rate Limiting Guide: Documentation and examples for production deployments
High Priority
- Enhanced ZIP Security: Protection against recursive ZIP structures and algorithmic complexity attacks
- Audit Logging: Structured logging for security-relevant events with request correlation
- Performance Optimizations: Pattern caching, compiled regex optimization, async I/O improvements
Future Enhancements
- Additional File Types: .gpx, .tcx, .fit, .gz
- Content Analysis: Malware signature detection, embedded script scanning
- Fuzzing Tests: Automated testing with malformed and malicious payloads
- Security Documentation: Threat model, architecture diagrams, integration security checklist
Production Readiness
Status: Beta - suitable for testing, not yet recommended for production use
Before Production:
- Address memory exhaustion vulnerability in ZIP inspection
- Implement streaming validation for large files
- Complete security audit and penetration testing
Known Limitations:
- No built-in rate limiting (must be implemented at application level)
- Limited to synchronous content reading in ZIP inspection
- Performance not yet optimized for high-throughput scenarios
Documentation
Full documentation available at [link to your docs].
Sponsors
A huge thank you to the project sponsors! Your support helps keep this project going.
Consider sponsoring safeuploads on GitHub to ensure continuous development.
License
This project is licensed under the MIT License - see the LICENSE file for details.
Contributing
Contributions welcome! See Contributing Guidelines for guidelines.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file safeuploads-0.1.1.tar.gz.
File metadata
- Download URL: safeuploads-0.1.1.tar.gz
- Upload date:
- Size: 28.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/2.2.1 CPython/3.13.8 Darwin/25.0.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
710d6ace283e90197d9236905595a2882f704b4e8ad9a07392419c05ed6054f9
|
|
| MD5 |
a5d2aabec411f5f2a6d7eb5d0b73d6fb
|
|
| BLAKE2b-256 |
099a68c05dc4c51a4f1df5cd2745ba52470579a1c73b315bfb6bce39e8eb5679
|
File details
Details for the file safeuploads-0.1.1-py3-none-any.whl.
File metadata
- Download URL: safeuploads-0.1.1-py3-none-any.whl
- Upload date:
- Size: 33.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/2.2.1 CPython/3.13.8 Darwin/25.0.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
aab97e847e90d54251e56939f02d4f0aeeae21d83bc91e833beed25796eacdda
|
|
| MD5 |
66b6ebc92328c18d12c149c7fea2502a
|
|
| BLAKE2b-256 |
086345db819de559fa690728032d47caf7679661665822e2cc2fbfb021bc7f61
|
