Tommaso Bertocchi

@SonoTommy

Joined February 2026

About

Nothing here yet.

Available for

Nothing here yet.

Tommaso Bertocchi's blogs

pompelmipompelmi.hashnode.dev2 posts

Articles Threads Comments

Recently published

TBTommaso Bertocchipompelmi.hashnode.dev

0

Stop Trusting File Extensions: Securing Node.js Uploads Before They Hit the Disk

12h ago · 4 min read · If your Node.js application accepts file uploads, you are hosting one of the most dangerous attack vectors in web development. Most developers believe that checking the file extension (e.g., ensuring

Join discussion

TBTommaso Bertocchipompelmi.hashnode.dev

0

pompelmi: a TypeScript-first, privacy-focused file-upload scanner for Node.js

Mar 13 · 4 min read · Repository: https://github.com/pompelmi/pompelmiWebsite / Docs: https://pompelmi.github.io/pompelmi/ Introduction Handling user file uploads safely is a common requirement for web applications. pompel

Join discussion

Tommaso Bertocchi

About

Available for

Tommaso Bertocchi's blogs

Recently published

Stop Trusting File Extensions: Securing Node.js Uploads Before They Hit the Disk

pompelmi: a TypeScript-first, privacy-focused file-upload scanner for Node.js

Search Hashnode

Tommaso Bertocchi

About

Available for

Tommaso Bertocchi's blogs

Recently published

Stop Trusting File Extensions: Securing Node.js Uploads Before They Hit the Disk

pompelmi: a TypeScript-first, privacy-focused file-upload scanner for Node.js