Design pattern or best practices for dealing with files on virtual disk

1

Is there a standard or best practices for handling shipping, storage, file publishing, and access control?

Environment example:

I have a system that will need to have a registration for Calls and News and both need to allow insertion of attachments and then release them for download or viewing in the browser as possible (pdf, txt, in some cases office files).

I will also have an area for direct publication, where the files will be submitted to a "virtual" directory selected by the user, certain user groups will have access to these directories and files, others will not.

They will also be available for download and / or browser viewing when possible.

Are there standards or best practices for dealing with this type of need? An important detail is that per-user access control of a domain will not be done. They will be system users only.

    
asked by anonymous 26.11.2014 / 02:47

1 answer

2
  

Some of the practices cited below are from other Stack Overflow questions, and some are mine, for empiricism. There is no Microsoft good practice guide. This answer should serve as a good guide to good practice, which I intend to update as new issues emerge.

Is there standard or best practices for handling shipping, storage, file publishing, and access control?

Shipping

  • Make your Controllers handle any and all received files;
  • Always try to use forms and decorate the Actions of your Controller with [HttpPost];
  • Try to limit shipping sizes and times;

Storage

  • For file uploads by users, avoid directories where direct link access can be done, such as the Content directory. Use an externally unreachable directory;
  • If you are to separate by user, avoid using the user name for the directory nomenclature;
  • When you receive a file, rename it before saving it. This guarantees some security if someone tries to exploit the security problems of your application using the original file name;
  • Before saving, if it is an image file, try to resize the file. If anything fails in this resizing, it may not be exactly an image the user uploaded;
  • Before saving, make sure that the MIME Type of the file actually corresponds to the content of the file;

Publication

  • Never let your users directly access your files in case of a Download. Provide the user with a link to an Action that returns a FileResult;
  • Still on the links, do not provide a file with an easily deductible link, such as an integer ID ( http://meusitemaroto/Arquivos/1 ) or the filename ( http://meusitemaroto/Arquivos/MinhaImagem1 , http://meusitemaroto/Arquivos/MinhaImagem2 ). Generate a random string that functions as a token or use Guids;

Access Control

  • Following the previous line, make the Action verify access through attributes. It can be the good old [Authorize] or an authorization attribute implemented by you. There are several issues here in SOpt where I teach how to do this;
  • Avoid allowing downloads if the user is not authenticated. If this is not possible, validate each download using authorization tokens and download counters, or even expire the file after a while.
26.11.2014 / 03:56
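
The storage, publication and access-control points above, combined in one controller. This is an added example, not code from the answer. It assumes ASP.NET MVC 5; the names `ArquivosController`, `Enviar`, `Baixar`, the `StoreDir` path, the size limit and the `Leitores` role are hypothetical, and only PDF and PNG signatures are checked.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Web;
using System.Web.Mvc;

[Authorize] // every action requires an authenticated user
public class ArquivosController : Controller
{
    // Assumptions: a directory outside the site root (no URL maps to it) and a 10 MB limit.
    private const string StoreDir = @"D:\AppData\Uploads";
    private const int MaxBytes = 10 * 1024 * 1024;
    // Allowed extension -> (MIME type served, bytes the content must start with).
    private static readonly Dictionary<string, Tuple<string, byte[]>> Allowed =
        new Dictionary<string, Tuple<string, byte[]>>(StringComparer.OrdinalIgnoreCase)
        {
            { ".pdf", Tuple.Create("application/pdf", new byte[] { 0x25, 0x50, 0x44, 0x46 }) },
            { ".png", Tuple.Create("image/png", new byte[] { 0x89, 0x50, 0x4E, 0x47 }) },
        };

    [HttpPost, ValidateAntiForgeryToken]
    public ActionResult Enviar(HttpPostedFileBase arquivo)
    {
        if (arquivo == null || arquivo.ContentLength == 0 || arquivo.ContentLength > MaxBytes)
            return new HttpStatusCodeResult(400);
        // Take the extension by hand: the client's name is untrusted and is used for nothing else.
        string name = arquivo.FileName ?? "";
        string ext = name.Substring(Math.Max(0, name.LastIndexOf('.')));
        if (!Allowed.TryGetValue(ext, out var kind)) return new HttpStatusCodeResult(415);
        // The content must start with the signature expected for the claimed type.
        var head = new byte[kind.Item2.Length];
        int read = arquivo.InputStream.Read(head, 0, head.Length);
        if (read != head.Length || !head.SequenceEqual(kind.Item2))
            return new HttpStatusCodeResult(415);
        arquivo.InputStream.Position = 0;
        // The stored name is a fresh Guid, which also serves as the download token.
        string token = Guid.NewGuid().ToString("N");
        arquivo.SaveAs(Path.Combine(StoreDir, token + ext.ToLowerInvariant()));
        return Json(new { token });
    }

    [Authorize(Roles = "Leitores")] // hypothetical group allowed to read these files
    public ActionResult Baixar(string token)
    {
        // Only a well-formed Guid is accepted, so path characters never reach the file system.
        if (!Guid.TryParseExact(token, "N", out var id)) return HttpNotFound();
        string path = Directory.GetFiles(StoreDir, id.ToString("N") + ".*").FirstOrDefault();
        if (path == null || !Allowed.TryGetValue(Path.GetExtension(path), out var kind))
            return HttpNotFound();
        return File(path, kind.Item1, "arquivo" + Path.GetExtension(path));
    }
}
```

A signature check only confirms the first bytes of the file; for images, the resize step suggested in the answer is a stronger test that the content really is an image.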