BugTraq
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Jan 03 2007 10:03PM
pdp (architect) (pdp gnucitizen googlemail com)
Amit, this is a very interesting solution and it will probably work in
most cases. However, if the attacker is able to upload PDF documents,
he/she can craft one that will produce the desired result as soon as
it gets opened by the user. This can be achieved by setting the PDF
file to redirect. David K...

Copyright 2010, SecurityFocus