17Şub
How to safegaurd tika parser from cyberattacks?
I parse content of user uploaded files using Apache Tika. While I use setMaxStringLength property to limit the parsed content to 4mb, I am suspicious if this is enough to safeguard my service from various cyberattacks like DOS using a very large csv or xlsx files or a zip or xml bomb and other possible attacks. What practices and configurations should I have in place to make this safe enough for production?
