This is a migrated thread and some comments may be shown as answers.

Uploading files and checking for file tampering

1 Answer 13 Views
Upload
This is a migrated thread and some comments may be shown as answers.
Jelly Master
Top achievements
Rank 1
Jelly Master asked on 29 Nov 2013, 10:17 PM
I know this may be outside the scope of things here. 

I have a telerik Ajax.net website that is used in a similar way to the likes of wetransfer.com 

after a a recent pen test the security guys were able to get around the filters in place and spoof some files onto the server and gain remote access. 

Obviously not a good thing. So the site has been taken off line, 

I was looking to upgrade the site using kendo and was wondering if you had any advice on how I can try and prevent this sort of tampering or point me in the right direction to try and secure the site. 

The site is a great idea for helping transfer large files to groups of people and getting past email restrictions so any ideas would be greatly received. 

1 Answer, 1 is accepted

Sort by
0
Dimiter Madjarov
Telerik team
answered on 02 Dec 2013, 09:17 AM
Hello David,


We could not assist you with the described issues, because Kendo UI does not provide such security features. There are some possible approaches to provide client side validation for file size or type, but in any case a server validation will be required too.

If you are experiencing any other issues related to Kendo UI, do not hesitate to contact us again.

Regards,
Dimiter Madjarov
Telerik
Join us on our journey to create the world's most complete HTML 5 UI Framework - download Kendo UI now!
Tags
Upload
Asked by
Jelly Master
Top achievements
Rank 1
Answers by
Dimiter Madjarov
Telerik team
Share this question
or