Rad Async Upload security issue for big file sizes

2 posts, 0 answers
  1. Deepak
    Deepak avatar
    1 posts
    Member since:
    Sep 2010

    Posted 04 May 2011 Link to this post

        We were able to upload big file sizes by setting

    <security><requestFiltering><requestLimits maxAllowedContentLength="419440400"/></requestFiltering></security>

    this in Telerik.Web.UI.WebResource.axd .
    I would like to know whether its safe to do this, Is there any possibility of DOS attacks, or is there a safer way to do this?

    Deepak M
  2. Genady Sergeev
    Genady Sergeev avatar
    1600 posts

    Posted 06 May 2011 Link to this post

    Hello Deepak,

    This is the standard mechanism for uploading large files within IIS, so by assumption it is considered safe. There is a way to avoid setting large value to maxallowedfilesize however, the way around is to use RadAsyncUpload and its Silverlight module, which will chunkenize the file to be uploaded into many chunks, each of which 2 mb large. Thus way it can bypass the IIS integrated request size limitations.

    Genady Sergeev
    the Telerik team

    Browse the vast support resources we have to jump start your development with RadControls for ASP.NET AJAX. See how to integrate our AJAX controls seamlessly in SharePoint 2007/2010 visiting our common SharePoint portal.

Back to Top