dotnet / AspNetCore.Docs

Documentation for ASP.NET Core
https://docs.microsoft.com/aspnet/core
Creative Commons Attribution 4.0 International

Additional security considerations for the input file component #33850

Open javiercn opened 1 month ago

javiercn commented 1 month ago

Description

Include a section about security considerations for https://learn.microsoft.com/en-us/aspnet/core/blazor/file-uploads?view=aspnetcore-8.0#file-size-read-and-upload-limits

In addition to the section mentioned in the article above about limits, we should add a Security Considerations section to cover https://learn.microsoft.com/en-us/aspnet/core/mvc/models/file-uploads?view=aspnetcore-8.0#file-name-security and to explicitly call out avoiding the usage of the Size property in the IBrowserFile instance to impose a limit on the file size. (In other words, no file.OpenReadStream(file.Size))

Page URL

https://learn.microsoft.com/en-us/aspnet/core/blazor/file-uploads?view=aspnetcore-8.0

Content source URL

https://github.com/dotnet/AspNetCore.Docs/blob/main/aspnetcore/blazor/file-uploads.md

Document ID

c11d981c-05af-c19d-a333-feedd5978639

Article author

@guardrex

Related Issues
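The two points the issue raises, shown side by side as an added example (this is not code from the docs page, from the original issue, or from the dotnet/AspNetCore.Docs repository): a handler that passes the client-reported `IBrowserFile.Size` as the read limit and uses `IBrowserFile.Name` as an on-disk path, next to a hardened version that enforces a fixed server-side cap and writes to a server-generated file name. The class name `UploadHandler`, the 10 MB `MaxFileSize` constant and the storage directory are assumptions for illustration; the `IBrowserFile` members used (`Size`, `Name`, `OpenReadStream(maxAllowedSize)`) are the real Blazor API.

```csharp
// Added example, not from the docs page or the AspNetCore.Docs repo.
// Class name, size limit and storage root are assumed for illustration.
using System;
using System.IO;
using System.Net;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Components.Forms;

public sealed class UploadHandler
{
    // Server-side policy: the only size limit that counts.
    private const long MaxFileSize = 10L * 1024 * 1024; // 10 MB (assumed)
    private readonly string _storageRoot;

    public UploadHandler(string storageRoot) => _storageRoot = storageRoot;

    // UNSAFE pattern the issue asks the docs to warn against.
    // file.Size and file.Name are supplied by the browser. A client can report
    // any Size it likes, so passing it as maxAllowedSize removes the limit,
    // and file.Name may contain path separators or "..".
    public async Task SaveUntrustedAsync(IBrowserFile file)
    {
        var path = Path.Combine(_storageRoot, file.Name);        // path traversal
        await using var input = file.OpenReadStream(file.Size);  // no real cap
        await using var output = new FileStream(path, FileMode.Create);
        await input.CopyToAsync(output);
    }

    // Hardened pattern: fixed cap, server-generated name, client name only for display.
    public async Task<string> SaveAsync(IBrowserFile file)
    {
        // Rejecting on the advertised size is a cheap fast path, not the control:
        // a client can under-report, so the cap is enforced again by the stream.
        if (file.Size > MaxFileSize)
            throw new InvalidOperationException(
                $"{WebUtility.HtmlEncode(file.Name)} exceeds {MaxFileSize} bytes.");

        // Never derive the on-disk name from file.Name; generate one server-side.
        var trustedName = Path.GetRandomFileName();
        var path = Path.Combine(_storageRoot, trustedName);

        // maxAllowedSize is the server constant. If more bytes than that arrive,
        // the stream throws IOException regardless of what the client reported.
        await using var input = file.OpenReadStream(MaxFileSize);
        try
        {
            await using var output = new FileStream(path, FileMode.CreateNew);
            await input.CopyToAsync(output);
        }
        catch (IOException)
        {
            // A partial file may exist; do not leave an oversized fragment on disk.
            File.Delete(path);
            throw;
        }

        return trustedName;
    }
}
```

The hardened version keeps `file.Name` only for messages and display (HTML-encoded here; Razor markup encodes it automatically), stores the file under a name the client never chose, and treats the `IOException` from the size-capped stream as the enforcement point rather than the early `file.Size` check.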

github-actions[bot] commented 1 month ago

๐Ÿ‚๐ŸŽƒ๐Ÿฎ Autumn Skies and Pumpkin Pies! ๐Ÿฅงโ˜•๐Ÿ‚

Stand by! A green dinosaur ๐Ÿฆ– will arrive shortly to assist.

guardrex commented 1 month ago

I'm adding this to the existing File Uploads article PR.

That PR should be merged fairly soon. I'm just waiting to hear back how it should address request streaming for non-Chromium browsers.

AND BTW ... I mention that we never showed how to use HTTP Ranges for large file uploads. We say to do it, but we provide no example. It's relevant for two scenarios now ...

This is all discussed in the PR's opening remarks.