开发者

secure upload with uploadify and asp.net mvc 2

开发者 https://www.devze.com 2023-03-20 18:36 出处:网络
i have an asp.net mvc 2 application and i am using uploadify. I am uploadi开发者_如何学Gong the files straight into a sql server db. What are the necessary checks i need to do and how? I would like to

i have an asp.net mvc 2 application and i am using uploadify. I am uploadi开发者_如何学Gong the files straight into a sql server db. What are the necessary checks i need to do and how? I would like to perform a anti virus scan? what are possible security loopholes here?


You could try feeding the uploaded stream into a XmlReader and parse through it. In the event of an exception chances are that there is something wrong with this XML file:

using (var reader = XmlReader.Create(uploadedFile.InputStream))
{
    try
    {
        while (reader.Read())
        { }
        // At this stage you may save the XML file into the database. 
    }
    catch (Exception ex)
    {
        // probably not a valid XML file
    }
}

If the uploaded XML files need to obey a certain structure you could validate them against an XSD schema by specifying this to the XmlReader.

0

精彩评论

暂无评论...
验证码 换一张
取 消