If you see branded content that doesn’t come from a brand itself, it’s probably user-generated content, or UGC. In fact, UGC is any type of content—from plain text to images and videos—created by an audience …
Continue readingCategory: Security & Compliance
HIPAA-Compliant File Sharing Workflow: A Checklist for SaaS
For any healthcare company, not being HIPAA-compliant may lead to embarrassing public incidents as well as hefty fines. However, even if a company doesn’t operate in the healthcare space directly but only acts as a …
Continue readingVulnerability in HTML Design: The Script Tag
TL;DR This article covers one of the ways to avoid the by-design <script> HTML element vulnerability. Long story short, unlike any other HTML tag, <script> implies different rules of escaping its content. The proper escaping …
Continue readingUploadcare Closed a Potential Security Breach Involving Text/HTML Files
TL;DR: We’ve completely disallowed inlining text/html files on our CDN and thus closed a potential security breach. Please check if your application relies on that capability. At Uploadcare, we always take security seriously, and that’s …
Continue readingA Guide to Secure File Uploads: How to Make Your Website Bullet-Proof
If you manage a website with user-generated content, you should know how to protect yourself from potential threats hiding in the upload process. Every day, 300 million images are uploaded to Facebook alone. Add to …
Continue reading