http://simonwillison.net/2010-06-02T15:57:00+00:00Simon Willison2010-06-02T15:57:00+00:002010-06-02T15:57:00+00:00https://simonwillison.net/2010/Jun/2/parsing/#atom-tag

<p><strong><a href="http://debuggable.com/posts/parsing-file-uploads-at-500-mb-s-with-node-js:4c03862e-351c-4faa-bb67-4365cbdd56cb">Parsing file uploads at 500 mb/s with node.js</a></strong></p> Handling file uploads is a real sweet spot for Node.js, especially now it has a high performance Buffer API for dealing with binary chunks of data. Felix Geisendörfer has released a new library called “formidable” which makes receiving file uploads (including HTML5 multiple uploads) easy, and uses some clever algorithmic tricks to dramatically speed up the processing of multipart data. <p>Tags: <a href="https://simonwillison.net/tags/binary">binary</a>, <a href="https://simonwillison.net/tags/buffers">buffers</a>, <a href="https://simonwillison.net/tags/html5">html5</a>, <a href="https://simonwillison.net/tags/javascript">javascript</a>, <a href="https://simonwillison.net/tags/nodejs">nodejs</a>, <a href="https://simonwillison.net/tags/uploads">uploads</a>, <a href="https://simonwillison.net/tags/recovered">recovered</a>, <a href="https://simonwillison.net/tags/felixgeisendorfer">felixgeisendorfer</a>, <a href="https://simonwillison.net/tags/files">files</a></p>

2010-02-10T12:53:11+00:002010-02-10T12:53:11+00:00https://simonwillison.net/2010/Feb/10/plupload/#atom-tag

<p><strong><a href="http://www.plupload.com/">Plupload</a></strong></p> Fantastic new open source project from the team behind TinyMCE. Plupload offers a cross-browser JavaScript File uploading API that handles multiple file uploads, client-side progress meters, type filtering and even client-side image resizing and drag-and-drop from the desktop. It achieves all of this by providing backends for Flash, Silverlight, Google Gears, HTML5 and Browserplus and picking the most capable available option. <p><small></small>Via <a href="http://blog.moxiecode.com/2010/02/03/plupload-released/">Moxiecode Developer Blog</a></small></p> <p>Tags: <a href="https://simonwillison.net/tags/browserplus">browserplus</a>, <a href="https://simonwillison.net/tags/flash">flash</a>, <a href="https://simonwillison.net/tags/gears">gears</a>, <a href="https://simonwillison.net/tags/html5">html5</a>, <a href="https://simonwillison.net/tags/javascript">javascript</a>, <a href="https://simonwillison.net/tags/plupload">plupload</a>, <a href="https://simonwillison.net/tags/silverlight">silverlight</a>, <a href="https://simonwillison.net/tags/tinymce">tinymce</a>, <a href="https://simonwillison.net/tags/uploads">uploads</a></p>

2008-07-01T17:00:31+00:002008-07-01T17:00:31+00:00https://simonwillison.net/2008/Jul/1/uploads/#atom-tag

<p><strong><a href="http://www.djangoproject.com/documentation/upload_handling/">Django File Uploads</a></strong></p> Nearly two years in the making, Django’s file upload capacity has received a major (and backwards incompatible) upgrade. Previously, files were uploaded by default in to RAM—now, files larger than 2.5MB are streamed to a temporary file and extensive hooks are provided to customise where they end up—streaming to S3, for example. <p><small></small>Via <a href="http://code.djangoproject.com/changeset/7814">Changeset 7814</a></small></p> <p>Tags: <a href="https://simonwillison.net/tags/django">django</a>, <a href="https://simonwillison.net/tags/fileuploads">fileuploads</a>, <a href="https://simonwillison.net/tags/s3">s3</a>, <a href="https://simonwillison.net/tags/uploads">uploads</a></p>

2008-07-01T08:58:45+00:002008-07-01T08:58:45+00:00https://simonwillison.net/2008/Jul/1/evil/#atom-tag

<p><strong><a href="http://radar.oreilly.com/archives/2008/06/partial-same-origin-bypass-wit.html">Evil GIFs: Partial Same Origin Bypass with Hybrid Files</a></strong></p> First there were PNGs that had crossdomain.xml files embedded in them, now there are GIFs that contain Java applets (as JAR files). At this point I’d say don’t even bother trying to validate uploaded files, just make sure they’re served off an entirely different domain instead where XSS doesn’t matter. <p>Tags: <a href="https://simonwillison.net/tags/applets">applets</a>, <a href="https://simonwillison.net/tags/crossdomainxml">crossdomainxml</a>, <a href="https://simonwillison.net/tags/gifs">gifs</a>, <a href="https://simonwillison.net/tags/javaapplets">javaapplets</a>, <a href="https://simonwillison.net/tags/pngs">pngs</a>, <a href="https://simonwillison.net/tags/security">security</a>, <a href="https://simonwillison.net/tags/uploads">uploads</a>, <a href="https://simonwillison.net/tags/validation">validation</a>, <a href="https://simonwillison.net/tags/xss">xss</a></p>