Attachment  Editor Widget - virus scan on upload

2579
2
09-02-2011 06:45 AM
JeffPace
MVP Alum
It has just dawned on me the gaping security hole of allowing someone (maybe even the public) to upload a file (picture, pdf, etc.. ) directly into the database using an edit widget. 

Is any file validation/virus scanning occuring? or do I need to do that in my app.  And if I do need to do it, how do I intercept the upload?
0 Kudos
2 Replies
JeffPace
MVP Alum
It has just dawned on me the gaping security hole of allowing someone (maybe even the public) to upload a file (picture, pdf, etc.. ) directly into the database using an edit widget. 

Is any file validation/virus scanning occuring? or do I need to do that in my app.  And if I do need to do it, how do I intercept the upload?


Anyone have any ideas on this?
0 Kudos
johnbrosowsky
Occasional Contributor II

What is the best practice approach for security and the attachment editor RE validation/scanning.  I do not see any response to the above question, but assume by now there is some standard approach for this.  Thanks!

0 Kudos