I have a website that shows galleries. Users can upload their own content from the web (by entering a URL) or by uploading a picture from their computer.
I am storing the URL in the database, which works fine for the first use case, but I need to figure out where to store the actual images if a user does an upload from their computer.
Is there any recommendation here or best practice on where I should store these?
Should I save them in the appdata or content folders? Should they not be stored with the website at all because it's user content?
5 solutions
#1
58
You should NOT store the user uploads anywhere they can be directly accessed by a known URL within your site structure. This is a security risk as users could upload .htm files and .js files. Even a file with the correct extension can contain malicious code that can be executed in the context of your site by an authenticated user, allowing server-side or client-side attacks.
See for example http://www.acunetix.com/websitesecurity/upload-forms-threat.htm and "What security issues appear when users can upload their own files?", which mention some of the issues you need to be aware of before you allow users to upload files and then present them for download within your site.
- Don't put the files within your normal web site directory structure.
- Don't use the original file name the user gave you. You can add a Content-Disposition header with the original file name so they can download it again as the same file name, but the path and file name on the server shouldn't be something the user can influence.
- Don't trust image files - resize them and offer only the resized version for subsequent download.
- Don't trust MIME types or file extensions; open the file and manipulate it to make sure it's what it claims to be.
- Limit the upload size and time.
#2
8
Depending on the resources you have to implement something like this, it is extremely beneficial to store all this stuff in Amazon S3.
Once you get the upload you simply push it over to Amazon and pop the URL in your database as you're doing with the other images. As mentioned above it would probably be wise to open up the image and resize it before sending it over. This both checks it is actually an image and makes sure you don't accidentally present a full camera resolution image to an end user.
Doing this now will make it much, much easier if you ever have to migrate/failover your site and don't want to sync gigabytes of image assets.
#3
4
One way is to store the image in a database table with a varbinary field.
Another way would be to store the image in the App_Data folder, and create a subfolder for each user (~/App_Data/[userid]/myImage.png).
For both approaches you'd need to create a separate action method that makes it possible to access the images.
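The "separate action method" this answer refers to, written out as an added example (not the answer's own code): it resolves a request strictly to a file inside <App_Data>/<userid>/, refuses anything that escapes that folder, and sets the response headers from the bytes on disk. The PNG/JPEG signatures are the published ones; the folder names, file names and sample bytes are constructed for the demo.

```python
import os
import tempfile

# Added example, not the answer's code: the "separate action method" that
# serves <App_Data>/<userid>/<file> (layout from the answer). Signatures are
# the published PNG/JPEG ones; names and bytes are constructed. Whether the
# caller may view this owner's gallery is decided before calling serve_image.

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
JPEG_MAGIC = b"\xff\xd8\xff"

def resolve_image_path(app_data, owner_id, name):
    # Only a bare file name is acceptable: no separators, no '.' or '..'
    if not name or name in (".", "..") or name != os.path.basename(name):
        return None
    root = os.path.realpath(os.path.join(app_data, str(int(owner_id))))
    path = os.path.realpath(os.path.join(root, name))
    # realpath + commonpath also catches symlinks that point outside the folder
    if os.path.commonpath([root, path]) != root or not os.path.isfile(path):
        return None
    return path

def serve_image(app_data, owner_id, name, download_name):
    """Return (status, headers, body) the way the action method would."""
    path = resolve_image_path(app_data, owner_id, name)
    if path is None:
        return 404, {}, b""
    with open(path, "rb") as f:
        data = f.read()
    # Content-Type comes from the bytes on disk, never from an extension
    ctype = ("image/png" if data.startswith(PNG_MAGIC)
             else "image/jpeg" if data.startswith(JPEG_MAGIC) else None)
    if ctype is None:  # something other than an image got onto disk
        return 404, {}, b""
    # The user's original name goes only into the header, reduced to safe characters
    safe = "".join(c for c in download_name if c.isalnum() or c in "._-") or "image"
    headers = {"Content-Type": ctype, "X-Content-Type-Options": "nosniff",
               "Content-Disposition": 'attachment; filename="%s"' % safe}
    return 200, headers, data

def demo():  # throwaway App_Data tree with one image for user 7
    app_data = tempfile.mkdtemp()
    os.makedirs(os.path.join(app_data, "7"))
    with open(os.path.join(app_data, "7", "a1b2.png"), "wb") as f:
        f.write(PNG_MAGIC + b"\x00" * 8)
    ok = serve_image(app_data, 7, "a1b2.png", "my photo.png")
    bad = serve_image(app_data, 7, "../../etc/passwd", "x")
    return ok[0], ok[1]["Content-Type"], ok[1]["Content-Disposition"], bad[0]
```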
#4
3
While uploading images you need to verify the content of the file before uploading it. The file extension method is not trustworthy.
Use the magic number method to verify the file content, which is an easy way.
See the * post and see the list of magic numbers.
One way of saving the file is converting it to binary format and saving it in our database; the next method is using the App_Data folder.
The storage option is based on your requirement. See this post also.
Set the upload limit by setting the maxRequestLength property in Web.Config like this, where the size of the file is specified in KB:
<httpRuntime maxRequestLength="51200" executionTimeout="3600" />
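The upload side of answers #1 and #4 combined into one added example (not code from either answer): a size limit equal to the 51200 KB maxRequestLength above, a magic-number check instead of extension or MIME type, a random server-side file name whose extension comes from the detected type, and only the base name of the client's file name kept for a later Content-Disposition header. The PNG/JPEG/GIF signatures are the published ones; storage_root stands for any folder outside the web root; the sample bytes and names are constructed.

```python
import os
import secrets
import tempfile

# Added example, not from the answers: the upload side of answers #1 and #4.
# MAX_BYTES mirrors the 51200 KB maxRequestLength above; the signatures are the
# published PNG/JPEG/GIF magic numbers; storage_root stands for any folder
# outside the web root. Sample bytes and names below are constructed.

MAX_BYTES = 51200 * 1024
MAGIC = {b"\x89PNG\r\n\x1a\n": "png", b"\xff\xd8\xff": "jpg",
         b"GIF87a": "gif", b"GIF89a": "gif"}

def detect_image_type(data):
    """'png', 'jpg' or 'gif' from the leading bytes; None for anything else."""
    for sig, ext in MAGIC.items():
        if data.startswith(sig):
            return ext
    return None

def store_upload(data, original_name, storage_root):
    """Validate and persist one upload; returns the record to keep in the DB."""
    if len(data) > MAX_BYTES:
        raise ValueError("upload exceeds size limit")
    ext = detect_image_type(data)  # declared MIME type and extension are ignored
    if ext is None:
        raise ValueError("not a recognised image")
    # Name on disk is random and its extension comes from the detected type,
    # so nothing the user sent influences the server-side path (answer #1)
    stored_name = secrets.token_hex(16) + "." + ext
    with open(os.path.join(storage_root, stored_name), "wb") as f:
        f.write(data)
    # Base name of the client's file name is kept only for Content-Disposition
    display = os.path.basename(original_name.replace("\\", "/"))[:255] or "image"
    return {"stored_name": stored_name, "type": ext, "display_name": display}

def demo():  # exercise the accept and reject paths against a temp folder
    root = tempfile.mkdtemp()
    good = store_upload(b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
                        "C:\\Users\\me\\my cat.png", root)
    try:
        store_upload(b"<html>not an image</html>", "cat.png", root)
        rejected = False
    except ValueError:
        rejected = True
    return good["type"], good["display_name"], good["stored_name"].endswith(".png"), rejected
```

The resize step from answer #1 belongs between detect_image_type and the write; it needs an image library and is left out here.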
#5
-2
You can save your trusted data just alongside the htdocs/www folder so that no user can access that folder. Also you can add .htaccess authentication on your trusted data (for .htaccess you should keep your .htpasswd file alongside the htdocs/www folder) if you are using Apache.