How to secure and validate data uploads to GitHub Pages site?
I have a GitHub Pages site where I'm hosting a project. It allows users to export their data from localStorage as a stringified JSON object into a .txt file. They can then import their data back from that .txt file, which will store its contents into localStorage.
Having them paste the file contents into a text box is an option, but since I'm intending this to be a single-page application for use on mobile devices, that's not an ideal user experience.
How do I make sure they aren't uploading malicious, incorrect, or unusable data?
As far as security goes, I'm not sure how much of a risk this even is, since GitHub Pages only hosts static pages, and I'm not dealing with any sensitive data in any way. Still, it feels like I should be doing something other than just accepting plaintext files.
The first thing that comes to mind for validating the data is to use regex or another formulaic way to check object contents. The data is organized as an object of objects; all child objects will have the same keys with different values, and the number of objects can vary. I also plan to build in a way to handle empty file uploads, where it defaults to setting localStorage to {}.
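One way to do the structural check described in the question, shown as an added example that is not part of the original post: parse the file as JSON and validate shape and types against an allow-list instead of using regex. The field names in `EXPECTED_KEYS` and both size limits are assumptions standing in for the project's real schema.

```javascript
// Added example. EXPECTED_KEYS, MAX_CHARS and MAX_ENTRIES are assumed values.
const EXPECTED_KEYS = { name: "string", count: "number", done: "boolean" }; // hypothetical schema
const MAX_CHARS = 256 * 1024;   // reject oversized files before parsing
const MAX_ENTRIES = 1000;       // cap on the number of child objects
const FORBIDDEN = new Set(["__proto__", "constructor", "prototype"]);
const has = (o, k) => Object.prototype.hasOwnProperty.call(o, k);
const isPlainObject = (v) => v !== null && typeof v === "object" && !Array.isArray(v);

// Returns a clean copy containing only validated fields, or throws with a reason.
function validateImport(text) {
  if (typeof text !== "string") throw new Error("input is not text");
  if (text.length > MAX_CHARS) throw new Error("file too large");
  if (text.trim() === "") return {};                 // empty upload defaults to {}
  let data;
  try { data = JSON.parse(text); } catch { throw new Error("not valid JSON"); }
  if (!isPlainObject(data)) throw new Error("top level must be an object");
  const ids = Object.keys(data);
  if (ids.length > MAX_ENTRIES) throw new Error("too many entries");
  const wanted = Object.entries(EXPECTED_KEYS);
  const clean = {};
  for (const id of ids) {
    // JSON.parse keeps "__proto__" as an own key; never copy it into another object.
    if (FORBIDDEN.has(id)) throw new Error("forbidden key: " + id);
    const child = data[id];
    if (!isPlainObject(child)) throw new Error(`entry "${id}" is not an object`);
    if (Object.keys(child).length !== wanted.length)
      throw new Error(`unexpected or missing keys in entry "${id}"`);
    const entry = {};
    for (const [key, type] of wanted) {
      const v = child[key];
      // 1e999 parses to Infinity, so numbers also need a finiteness check.
      if (!has(child, key) || typeof v !== type ||
          (type === "number" && !Number.isFinite(v)))
        throw new Error(`bad or missing field "${key}" in entry "${id}"`);
      entry[key] = v;                                // copy known fields only
    }
    clean[id] = entry;
  }
  return clean;
}

// In the page (browser-only, shown as a comment so the block runs offline):
//   const clean = validateImport(await fileInput.files[0].text());
//   localStorage.setItem("data", JSON.stringify(clean));
```

This constrains shape and types only; string values are still untrusted text, so render them with `textContent` rather than `innerHTML`.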
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
