Description

Include a section about security considerations in for https://learn.microsoft.com/en-us/aspnet/core/blazor/file-uploads?view=aspnetcore-8.0#file-size-read-and-upload-limits

In addition to the section mentioned in the article above about limits, we should add a Security Considerations section to cover https://learn.microsoft.com/en-us/aspnet/core/mvc/models/file-uploads?view=aspnetcore-8.0#file-name-security and to explicitly call out avoiding the usage of the Size property in the IBrowserFile instance to impose a limit on the file size. (In other words, no file.OpenReadStream(file.Size))

Page URL

https://learn.microsoft.com/en-us/aspnet/core/blazor/file-uploads?view=aspnetcore-8.0

Content source URL

https://github.com/dotnet/AspNetCore.Docs/blob/main/aspnetcore/blazor/file-uploads.md

Document ID

c11d981c-05af-c19d-a333-feedd5978639

Article author

@guardrex

Related Issues