Albert Shenker
Top achievements
Rank 1
Veteran
Iron
Rank 1
Veteran
Iron
Albert Shenker
asked on 13 Apr 2011, 05:12 PM
Can anyone tell me what the security ramifications of using RadAsyncUpload to upload files to a server are, depending on whether Flash is disabled, etc. For instance, if someone were to try an upload a malicious file with a benign file extension would the specific process by which the file is manipulated by the RadAsyncUpload control render the file harmless... or do specific security precautions need to be taken both on the final destination director and the RadUploadTemp Directory to make sure malicous files cannot do harm?
1 Answer, 1 is accepted
0
Hi Albert Shenker,
RadAsyncUpload does not perform analysis on whether the uploaded file content matches the extension or not. I guess that third party libraries/software can be used in order to scan the uploaded files for a malicious behavior.
Regards,
Genady Sergeev
the Telerik team
RadAsyncUpload does not perform analysis on whether the uploaded file content matches the extension or not. I guess that third party libraries/software can be used in order to scan the uploaded files for a malicious behavior.
Regards,
Genady Sergeev
the Telerik team
Browse the vast support resources we have to jump start your development with RadControls for ASP.NET AJAX. See how to integrate our AJAX controls seamlessly in SharePoint 2007/2010 visiting our common SharePoint portal.