We have specified the MIME types image/jpeg and image/png as well as a max file size for the file upload component. But it seems the request can be intercepted and the content can be changed. The validation seems to be just client-side validation or a filter.
Does APEX provide any feature/component that will help prevent malicious content being uploaded instead of images?
On a quick search, it seems the content as well as the file size/MIME type can be validated using the record in APEX_APPLICATION_TEMP_FILES, i.e. before saving the employee information we can validate the image of the employee. But I am wondering if it is possible to do those validations on the fly (in-memory?) before the record is stored in APEX_APPLICATION_TEMP_FILES?
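
The server-side check on APEX_APPLICATION_TEMP_FILES mentioned above, as an added example that is not part of the original post: a page validation of type "Function Body (returning Error Text)" that checks the stored size and compares the declared MIME type with the file signature. The item name P1_PHOTO, the 2 MB limit and the error messages are assumptions.

```plsql
-- Added example, not from the original post.
-- Assumptions: P1_PHOTO is a single-file File Browse item; limit is 2 MB.
declare
    c_max_bytes constant pls_integer := 2 * 1024 * 1024;
    l_blob      blob;
    l_mime      varchar2(255);
    l_head      varchar2(16);
begin
    -- The view only exposes files uploaded in the current session.
    select blob_content, lower(mime_type)
      into l_blob, l_mime
      from apex_application_temp_files
     where name = :P1_PHOTO;

    -- Size is measured on the stored bytes, not on a client-side limit.
    if dbms_lob.getlength(l_blob) > c_max_bytes then
        return 'Image exceeds the maximum allowed size.';
    end if;

    -- First 8 bytes as hex. MIME_TYPE comes from the request, so it is
    -- only accepted when the file signature agrees with it.
    l_head := rawtohex(dbms_lob.substr(l_blob, 8, 1));

    if l_mime = 'image/jpeg' and l_head like 'FFD8FF%' then
        return null;  -- JPEG start-of-image marker
    elsif l_mime = 'image/png' and l_head = '89504E470D0A1A0A' then
        return null;  -- PNG signature
    end if;

    -- Empty files, unknown types and type/signature mismatches end here.
    return 'Only JPEG and PNG images are accepted.';
exception
    when no_data_found then
        return 'No uploaded file found.';
end;
```

A signature check confirms only the leading bytes of the file; the rest of the content is not inspected, so the image should still be stored and served with the verified content type rather than the one supplied in the request.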
