[ ] Use input validation to prevent the metadata from being exploited. For example, remove any unnecessary metadata such as EXIF data from images and remove control characters from filenames and extensions.
[ ] Restrict file names. TBD
[ ] Rename files with (random) hash TBD
[ ] Restrict file size. TBD
[ ] Restrict file types (either in Azure or in the gateway). TBD
Filetypes that MUST be prohibited from being stored:
[ ] .sql
[ ] .bash
[ ] .sh
[ ] .dll
Filetypes that SHOULD be prohibited from being stored, but are not necessarily harmful:
[ ] .js
[ ] .jsx
[ ] .ts
[ ] .tsx
[ ] .html
[ ] .xml
Return error response code (403 for example) when in violation.
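A sketch of how the filename, size and file type checks above could fit together in the gateway. This is an added example, not code from the project. The function names, the 10 MiB limit, the 201 success status, the stripping of Unicode format characters, and the decision to check every dotted suffix are assumptions.

```python
import secrets
import unicodedata

# Extension lists copied from the checklist above.
MUST_BLOCK = {".sql", ".bash", ".sh", ".dll"}
SHOULD_BLOCK = {".js", ".jsx", ".ts", ".tsx", ".html", ".xml"}
MAX_BYTES = 10 * 1024 * 1024  # assumed limit; the checklist leaves the size TBD


def sanitize_name(raw: str) -> str:
    """Drop control/format characters and any path components from a client filename."""
    # Cc = control characters (NUL, CR, LF, ...); Cf = format characters such as
    # bidi overrides, which can disguise the real extension (assumed extra step).
    cleaned = "".join(
        ch for ch in raw if unicodedata.category(ch) not in ("Cc", "Cf")
    )
    # Treat backslashes as separators too, then keep only the final component.
    name = cleaned.replace("\\", "/").rsplit("/", 1)[-1]
    # Trailing dots and spaces are ignored by some file systems, so strip them.
    return name.rstrip(". ")


def check_upload(raw_name: str, size: int, block_should: bool = True):
    """Return (http_status, stored_name); stored_name is None when rejected."""
    name = sanitize_name(raw_name)
    if not name or size < 0 or size > MAX_BYTES:
        return 403, None
    # Judge every dotted segment, so "a.sh.png" is checked on ".sh" and ".png".
    parts = name.lower().split(".")
    suffixes = {"." + p for p in parts[1:]}
    blocked = MUST_BLOCK | (SHOULD_BLOCK if block_should else set())
    if suffixes & blocked:
        return 403, None
    # Store under a random name; keep only a plain alphanumeric final extension.
    ext = "." + parts[-1] if len(parts) > 1 and parts[-1].isalnum() else ""
    return 201, secrets.token_hex(16) + ext


if __name__ == "__main__":
    # Constructed sample inputs, not taken from real traffic.
    for sample in ["report.pdf", "dump.SQL", "shell.sh\x00.png", "..\\..\\lib.dll"]:
        print(repr(sample), check_upload(sample, 1024))
```

The check runs on the sanitized name, so a filename that only looks harmless before control characters are removed is judged on what would actually be stored.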
As a user I want to be able to upload a file to the gateway, so that TBD
Acceptance Criterion: