O'Reilly logo

Beginning ASP.NET Security by Barry Dorrans

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 9. Using the File System

Most Web applications deal with files — accessing files on your server, generating files "on the fly," serving files from another server on your network, and allowing users to upload files. Each of these functions can introduce vulnerabilities into your application.

In this chapter, you will learn about the following:

  • How to access existing files safely

  • How to configure your server for secure file access

  • How to properly generate files

  • How to access remote files

  • How to handle user uploads

ACCESSING EXISTING FILES SAFELY

There are many reasons why a Web site may serve actual files in addition to Web pages. Sometimes, simply offering the user a direct download link is insufficient. Some Web sites may want to restrict certain content, or track downloads of software, music, images, or documents. To serve these files in a manner that enables access control or tracking they must be served via code, rather than a direct download URI.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required