
Secure File Upload with Claude Code: S3 Pre-signed URLs and Magic Byte Validation
File upload has more security surface than most features: size limits, MIME type validation, filename sanitization, virus scanning, and storage management. Claude Code generates the full secure upload pipeline.

CLAUDE.md for File Upload Standards

## File Upload Rules

### Security (required)
- File size limits: images 10MB, documents 25MB, videos 500MB
- File type: validate both MIME type AND magic bytes
- Filename: replace with random UUID (never use original filename in path)
- Virus scanning: ClamAV or AWS S3 Malware Scanning
- Storage: S3 only (no local storage in production)

### Allowed file types
- Images: image/jpeg, image/png, image/webp, image/gif
- Documents: application/pdf
- Spreadsheets: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

### Upload flow
1. Client → API: send metadata → receive pre-signed URL
2. Client → S3: upload directly (bypass server)
3. S3 → API (webhook): upload completion notification
4. API: virus scan → DB registration → issue downlo
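The size, allowlist, magic-byte and filename rules above can be enforced in one server-side check. The following Python sketch is an added example, not code from the original article. The names `sniff_mime` and `validate_upload`, the `uploads/` key prefix, and the 25MB limit for spreadsheets are assumptions (the page gives no spreadsheet limit), and `head` stands for the first bytes the API reads from the uploaded object.

```python
import uuid
from typing import Optional

MB = 1024 * 1024
XLSX = "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"

# Allowed MIME type -> (size limit in bytes, extension), taken from the rules.
# Assumption: spreadsheets share the 25MB document limit.
ALLOWED = {
    "image/jpeg": (10 * MB, "jpg"),
    "image/png": (10 * MB, "png"),
    "image/webp": (10 * MB, "webp"),
    "image/gif": (10 * MB, "gif"),
    "application/pdf": (25 * MB, "pdf"),
    XLSX: (25 * MB, "xlsx"),
}


def sniff_mime(head: bytes) -> Optional[str]:
    """Map a file's leading bytes to one of the allowed MIME types."""
    if head.startswith(b"\xff\xd8\xff"):
        return "image/jpeg"
    if head.startswith(b"\x89PNG\r\n\x1a\n"):
        return "image/png"
    if head[:4] == b"RIFF" and head[8:12] == b"WEBP":
        return "image/webp"
    if head.startswith((b"GIF87a", b"GIF89a")):
        return "image/gif"
    if head.startswith(b"%PDF-"):
        return "application/pdf"
    if head.startswith(b"PK\x03\x04"):
        # XLSX is a ZIP container: this proves "ZIP", not "spreadsheet".
        # A stricter check would also inspect the archive's contents.
        return XLSX
    return None


def validate_upload(declared_mime: str, size: int, head: bytes) -> str:
    """Return a random storage key, or raise ValueError on a rule violation."""
    if declared_mime not in ALLOWED:
        raise ValueError("file type not allowed")
    limit, ext = ALLOWED[declared_mime]
    if not 0 < size <= limit:
        raise ValueError("file size out of range")
    if sniff_mime(head) != declared_mime:
        raise ValueError("magic bytes do not match declared MIME type")
    # The client-supplied filename never reaches the storage path.
    return f"uploads/{uuid.uuid4()}.{ext}"
```
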




