I'm doing a project in component management system. I need to block executable files from getting uploaded. Blocking should not be based on the extensions. For example, i've a file named abc.exe i'm going to change the file extension to abc.jpg in this case that abc file should not get updated. Similar to that in gmail file attachment.
View 2 Replies
I'm doing a project in component management system. I need to block executable files from getting uploaded. Blocking should not be based on the extensions. For example, i've a file named abc.exe i'm going to change the file extension to abc.jpg in this case that abc file should not get updated. Similar to that in gmail file attachment.
View 1 Repliesi am working on a project where i have to give call to an .exe file to access the scanner on client side. i am using System.Diagnostics.Process.Start(Server.MapPath("~/bin/Scan.exe").ToString()"); to call exe file in my bin folder on to the server, but it is not getting called.
View 4 Repliesdoes someone know the utility/procedure for converting an ASP.net project containing multiple files into one executable (.EXE) file?
View 3 RepliesI have developed multiple WebServices in my project in ASP.NET. Now I need to deploy them as a single executable file. How can i do that?
View 1 Repliesi am working on a web application using C#,
i know that in window application how to give the path for executable file that started the application (if (!System.IO.File.Exists(Application.StartupPath + "gsdll32.dll")))
but i dont know how to give that path in web application using c#
I formatted my system which has Windows XP serive pack 2 and after that Installed the VisualStuido 2008 setup.But,when I run any website then it says
Compiler executable file csc.exe cannot be found. Description: An unhandled exception occurred during the execution of the current web request.
I searched but could not find any suitable soution for it.Before formatting .Net was working quite fine.
It only work if I change version value to 2.0 from version=3.5 in webconfig file
<compilers>
<compiler language="c#;cs;csharp" extension=".cs" warningLevel="4"
type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<providerOption name="CompilerVersion" value="v3.5"/>
Kindly reply I wasted whole day for it but could not get the way for it.
I am using the async file upload control to upload to a image file. I want the user to upload only jpg files. And for that I am checking the uploadedfile content type in server side, after the upload complets. I wanna check this, before upload starts. There is one javascript method
function startUpload(sender, args){}
but how to access the content type of the file selected by user.
i use file upload to upload file a folder. but i need to give write permission to IUSR_MACHINENAME user. Can i achieve this with different user Account Credidental?
View 2 RepliesI am trying to create a new user that includes a file upload. I want to write the file name to the database in a table called MemberInfo.
Here is my button code:
[Code]....
I am wondering what the best strategy is for accepeting http uploaded files on a web server in a safe way? I have access to scanning software which will quarantine suspect files, but not really sure what the best practice is for this kind of thing?This is somewhat of a pest as the form data and the uploaded file form a logical unit - the fact the files must be scanned (pottentially quarantined) means I would need some kind of callback, post upload mechanism for handling this.
Is there a preferred way (or peice of software) for handling thsi kind of thing?Happy to elaborate of anyone wants to comment or assist? I'm aware I can limit file size, file extension etc, so really just concerned about stopping viruses entering the web server and/or network. And I guess to do so in awy that allows me to interact with scanning software such that I get feedback in relatively real time??
I want to limit the allowed uploaded file types to images, pdfs, and docs. What is the recommended way to approach this?
I assume checking the file extension alone is not enough, since an attacked can change the file extension as he wishes.
This is basically for a course management system for students to upload assignments and teachers to download and view them.
I have a web page where I am denying anonymous users from accessing. In the web site I have a folder called FileManager. In the web app the usres have the ability to uploaded files and when they do a folder gets created under the filmanger and the files are saved. I have created a web.config in this folder that denies anonymous users. The problem is if the user knows the directory structure they can type in the url of the site add /FilManager/x/x/NameOfFile, where x are the sub directories. If the file is an image it shows the image in ie, if it is a .xls or .doc or what ever they get the prompt to either download or save the file. What am I doing wrong. Will the web.config file not stop an anonymous user from access files? I put a webpage in the folder and it is blocked and the user gets sent to the login screen, but files seem to be unsecured.
How do I block anonymous users from being able to access the files in this folder?
I want to limit the allowed uploaded file types to images, pdfs, and docs. What is the recommended way to approach this?I assume checking the file extension alone is not enough, since an attacked can change the file extension as he wishes.I also thought about checking against MIME Type using PostedFile.ContentType.I still don't know if this is adding any further functionality than checking against file extensions alone, and if an attacker have and ability to change this information easily.This is basically for a course management system for students to upload assignments and teachers to download and view them.
View 2 RepliesIam using a file upload control for uploading files in my asp.net application. iam using the following code to impersonate the users who do not have permission for the files to upload. The code works fine for all the files, but it is not working for the files which are in desktop.
Code in .cs file:
System.Security.Principal.WindowsImpersonationContext impersonationContext;
impersonationContext =
((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate();
//Insert your code that runs under the security context of the authenticating user here.
impersonationContext.Undo();
In web.config iam using the following:
<identity impersonate="true" />
I have to create a utility through which user can able to upload singh or multiple files with the use of asp.net FileUpload Server control.
I am looking for Security concern for the same. What are the points need to keep in our minds which violate security. One main issue is in my mind is related to Viruses - means
How to prompt user for viruses and terminate the upload operation How to scan files for viruses during upload operation There may be several Security risks. discuss the issues/risks with proposed solutions.
how to upload and save files to oracle database, and view file using C# .net and can upload one or more files in one webform.
View 1 RepliesI want to upload files to the web servers from the client machines.
Can i upload a file on a network share folder using file upload control?
I would like to create a share folder on a file server sitting next to the web server. If i upload the file from the network share folder instead of uploading it from the client machine does it make any difference?
Will the file be stored in a temporary location before copying to the final destination? Where will be the file stored in this case of uploading it from share folder?
we can download other site css like right clikc their websites and we can see the css src / js src, then if we providee that filename in the address bar then it'll download, how to avoid this?
View 2 RepliesI am using the File Uploader to upload files. It is working fine. But I receive the page can not be displayed when I try to upload a file>4Mb in size.
View 1 RepliesWhat i want to do is code in Global.asax file to check if current date is greater than EndDate(appsetting) it will block access to rest of the pages as what happens when using [Code]....
Moreover it will be a licencing system which will block the application after its EndDate that will be mentioned in web.config.
[Code]....
[Code]....
I know how to impersonate a user for the entire site but how best to impersonate for a block of code; WindowsImpersonationContext or NetworkCredential?
And how would this code look like?
have a project where there are main 3 types of users i have to block them from accessing other pages but without using roles or membership is there any other way to do the same?
View 3 RepliesOn my website, www.pakdev.net, I create screencasts to which are streamed through silverlight.
I create a custom handler to block the download of .wmv files from the url like [URL]
But the problem is now the silverlight has also stopped streaming files.
I know a user can use the following code to access the content of web.config
string connectionString = ConfigurationManager.ConnectionStrings["MyConnect"].ConnectionString;
If I set EnvironmentPermission, can I block user to access the content of web.config?
