Uploading files and checking for file tampering

2 posts, 0 answers
  1. Jelly Master
    Jelly Master avatar
    39 posts
    Member since:
    Oct 2010

    Posted 29 Nov 2013 Link to this post

    I know this may be outside the scope of things here. 

    I have a telerik Ajax.net website that is used in a similar way to the likes of wetransfer.com 

    after a a recent pen test the security guys were able to get around the filters in place and spoof some files onto the server and gain remote access. 

    Obviously not a good thing. So the site has been taken off line, 

    I was looking to upgrade the site using kendo and was wondering if you had any advice on how I can try and prevent this sort of tampering or point me in the right direction to try and secure the site. 

    The site is a great idea for helping transfer large files to groups of people and getting past email restrictions so any ideas would be greatly received. 

  2. Dimiter Madjarov
    Dimiter Madjarov avatar
    2213 posts

    Posted 02 Dec 2013 Link to this post

    Hello David,

    We could not assist you with the described issues, because Kendo UI does not provide such security features. There are some possible approaches to provide client side validation for file size or type, but in any case a server validation will be required too.

    If you are experiencing any other issues related to Kendo UI, do not hesitate to contact us again.

    Dimiter Madjarov
    Join us on our journey to create the world's most complete HTML 5 UI Framework - download Kendo UI now!
Back to Top