Uploading Files to Server using React js and ASP Net Core Web API - Web Development Course

Like and Share the video to help others. Write your questions in the comments below. Check my other programming courses to learn more.

Security considerations:

Use caution when providing users with the ability to upload files to a server. Attackers may attempt to:

1. Execute denial of service attacks.
2. Upload viruses or malware.
3. Compromise networks and servers in other ways.

Security steps that reduce the likelihood of a successful attack are:

1. Upload files to a dedicated file upload area, preferably to a non-system drive. A dedicated location makes it easier to impose security restrictions on uploaded files. Disable execute permissions on the file upload location.
2. Do not persist uploaded files in the same directory tree as the app.

3. Use a safe file name determined by the app. Don't use a file name provided by the user or the untrusted file name of the uploaded file. HTML encode the untrusted file name whenever it is displayed, for example when logging the file name or showing it in the UI (Razor automatically HTML encodes output).

4. Allow only approved file extensions for the app's design specification.

5. Verify that client-side checks are performed on the server. Client-side checks are easy to circumvent.

6. Check the size of an uploaded file. Set a maximum size limit to prevent large uploads.

7. When files shouldn't be overwritten by an uploaded file with the same name, check the file name against the database or physical storage before uploading the file.

8. Run a virus/malware scanner on uploaded content before the file is stored.
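
A server-side sketch of steps 3, 4, 6 and 7, added here as an example; it is not code from the video. The class name `UploadGuard`, the 2 MB limit and the extension list are assumptions, and `storageRoot` is assumed to be the dedicated upload directory from steps 1 and 2.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Net;
using System.Threading.Tasks;

// Hypothetical helper; names and limits are assumptions, not from the video.
public static class UploadGuard
{
    private const long MaxBytes = 2 * 1024 * 1024;    // assumed limit (step 6)
    private static readonly HashSet<string> Allowed =  // assumed allow list (step 4)
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { ".png", ".jpg", ".pdf" };

    // storageRoot: dedicated upload directory outside the app's tree (steps 1-2).
    public static async Task<(string StoredPath, string DisplayName)> SaveAsync(
        Stream content, string untrustedName, string storageRoot)
    {
        // Step 4: only the extension of the client-supplied name is used.
        string ext = Path.GetExtension(untrustedName ?? string.Empty);
        if (!Allowed.Contains(ext))
            throw new InvalidDataException("File extension is not allowed.");

        // Step 3: the app picks the stored name; the allow-listed extension is appended.
        string path = Path.Combine(storageRoot, Guid.NewGuid().ToString("N") + ext.ToLowerInvariant());

        long total = 0;
        var buffer = new byte[81920];
        // Step 7: CreateNew throws instead of overwriting an existing file.
        await using (var target = new FileStream(path, FileMode.CreateNew, FileAccess.Write))
        {
            int read;
            // Step 6: count the bytes actually received rather than trusting a declared length.
            while (total <= MaxBytes && (read = await content.ReadAsync(buffer, 0, buffer.Length)) > 0)
            {
                total += read;
                if (total <= MaxBytes) await target.WriteAsync(buffer, 0, read);
            }
        }
        if (total == 0 || total > MaxBytes)
        {
            File.Delete(path); // discard the empty or oversized upload
            throw new InvalidDataException("File size is outside the allowed range.");
        }

        // Step 8: run the malware scanner at this point, before the file is exposed (not shown).
        // Step 3: HTML encode the client-supplied name before it is logged or displayed.
        return (path, WebUtility.HtmlEncode(Path.GetFileName(untrustedName)));
    }
}
```

In an ASP.NET Core controller action this would be called with `file.OpenReadStream()` and `file.FileName` from the posted `IFormFile`.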

#React #ReactJS #ReactTutorial