Javascript injection attack?

2 posts, 0 answers
  1. Peter
    Peter avatar
    12 posts
    Member since:
    Jul 2012

    Posted 08 Dec 2015 Link to this post

    Is there a way to prevent a maliciously-named file from causing a Javascript injection? If you use a Mac (so that you're not bound by Windows filename conventions) and name a file with javascript in the file name, it's possible to cause the page to fire that javascript. I've already disabled the 'show filename' option, but it still is firing when I test this.
  2. Dimitar
    Admin
    Dimitar avatar
    281 posts

    Posted 09 Dec 2015 Link to this post

    Hello,

    I would suggest you to rename the file to escape any malicious characters. You may refer to the How to upload files from MAC or Linux help article. If this approach does not help you resolve the problem faced, could you open a new Support Ticket and provide details how to reproduce the described behavior on our end.

    Regards,
    Dimitar
    Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  3. UI for ASP.NET Ajax is Ready for VS 2017
Back to Top