You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm adding this to the existing File Uploads article PR.
That PR should be merged fairly soon. I'm just waiting to hear back how it should address request streaming for non-Chromium browsers.
AND BTW ... I mention that we never showed how to use HTTP Ranges for large file uploads. We say to do it, but we provide no example. It's relevant for two scenarios now ...
Prior to request streaming/9.0, we should show it because it's the recommendation. The Web doesn't seem to have good examples for HTTP Ranges custom code.
For request streaming/9.0, we need it for the failover when the client is a non-Chromium browser.
This is all discussed in the PR's opening remarks.
Description
Include a section about security considerations in for https://learn.microsoft.com/en-us/aspnet/core/blazor/file-uploads?view=aspnetcore-8.0#file-size-read-and-upload-limits
In addition to the section mentioned in the article above about limits, we should add a
Security Considerations
section to cover https://learn.microsoft.com/en-us/aspnet/core/mvc/models/file-uploads?view=aspnetcore-8.0#file-name-security and to explicitly call out avoiding the usage of the Size property in theIBrowserFile
instance to impose a limit on the file size. (In other words, nofile.OpenReadStream(file.Size)
)Page URL
https://learn.microsoft.com/en-us/aspnet/core/blazor/file-uploads?view=aspnetcore-8.0
Content source URL
https://github.com/dotnet/AspNetCore.Docs/blob/main/aspnetcore/blazor/file-uploads.md
Document ID
c11d981c-05af-c19d-a333-feedd5978639
Article author
@guardrex
Related Issues
The text was updated successfully, but these errors were encountered: