Skip to main content
Back to packages
338 GitHub stars

laravel-at/laravel-image-sanitize

View on GitHub

Description

Prevent malicious code execution through uploaded image files.

This is a small but handy package to prevent malicious code execution coming into your application through uploaded images. It was created after being inspired by @appelsiini's talk on How to Hack your Laravel Application

Installation

This version requires PHP 8.3+, Laravel 12 or 13, and Intervention Image 4.

You can install the package via composer:

composer require laravel-at/laravel-image-sanitize

Usage

Apply the middleware to routes that receive image uploads:

use App\Http\Controllers\FileController;
use LaravelAt\ImageSanitize\ImageSanitizeMiddleware;
 
Route::post('/files', [FileController::class, 'upload'])
->name('file.upload')
->middleware(ImageSanitizeMiddleware::class);

If you prefer a middleware alias, register it in your application's bootstrap/app.php file:

use Illuminate\Foundation\Configuration\Middleware;
use LaravelAt\ImageSanitize\ImageSanitizeMiddleware;
 
->withMiddleware(function (Middleware $middleware): void {
$middleware->alias([
'image-sanitize' => ImageSanitizeMiddleware::class,
]);
})

Then use the alias on your upload routes:

Route::post('/files', [FileController::class, 'upload'])
->name('file.upload')
->middleware('image-sanitize');

Recent Courses on Laravel Daily

Laravel 13 Starter Kit Teams and Customizations

10 lessons
33 min

Roles and Permissions in Laravel 13

14 lessons
57 min

Queues in Laravel 13

18 lessons
1 h 12 min read