Security violation - Fortify, MVC
Problem description
I am using HP Fortify to address the security issues in my application. I have a piece of code as below for which Fortify throws an error.
The Fortify result says:
The method DownloadAttachment() in fileName.cs includes unvalidated data in an HTTP response header on line lineNo. This enables attacks such as cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.
code -
using System.IO;
using System.Web;
using System.Web.Mvc;

// Action as posted: fullFilePath comes straight from the request and is used both
// to read the file from disk and to build the download file name in the response.
public ActionResult DownloadAttachment(string fullFilePath)
{
    var bytes = System.IO.File.ReadAllBytes(fullFilePath);
    return File(bytes, MimeMapping.GetMimeMapping(fullFilePath), Path.GetFileName(fullFilePath));
}
What is the threat here and how to address this? Any suggestions?
Recommended answer
HP is right that this is a problem, but not in the way they are saying -- the threat here is that you've got an action method that will load any file the web server can read and let a visitor download it. This could easily lead to other attacks depending on what someone downloaded and your networking setup.
What you need to do is handle attachments a bit more carefully and a bit less generically -- this could be just taking the file name as a parameter and looking in a given folder, for example.
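Here is one way to implement what the answer describes, as an added example rather than code from the question or the answer: the action takes only a bare file name, resolves it against a single fixed folder, and confirms the resolved path is still inside that folder before serving it. The folder `~/App_Data/Attachments` and the controller name are assumptions for the example.

```csharp
using System;
using System.IO;
using System.Web;
using System.Web.Mvc;

public class AttachmentController : Controller
{
    // Hardened form of DownloadAttachment. The caller chooses a file *name*, never a path;
    // the folder is fixed by the application (assumed location for this example).
    public ActionResult DownloadAttachment(string fileName)
    {
        // 1. Reject anything that is not a plain file name: empty input, directory
        //    separators, traversal segments, or characters invalid in a file name.
        if (string.IsNullOrWhiteSpace(fileName)
            || fileName != Path.GetFileName(fileName)
            || fileName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
        {
            return new HttpStatusCodeResult(400, "Invalid attachment name");
        }

        // 2. Resolve against the fixed attachment folder and verify the canonical
        //    result still lives under that folder (catches a bare "..", for instance).
        string root = Path.GetFullPath(Server.MapPath("~/App_Data/Attachments"));
        string fullPath = Path.GetFullPath(Path.Combine(root, fileName));
        if (!fullPath.StartsWith(root + Path.DirectorySeparatorChar, StringComparison.OrdinalIgnoreCase))
        {
            return new HttpStatusCodeResult(400, "Invalid attachment name");
        }

        if (!System.IO.File.Exists(fullPath))
        {
            return HttpNotFound();
        }

        // 3. Only the validated bare name reaches the Content-Disposition header,
        //    which is the header-injection path Fortify was flagging.
        return File(fullPath, MimeMapping.GetMimeMapping(fullPath), fileName);
    }
}
```

Because the name is checked against `Path.GetFileName` and then re-checked after `Path.GetFullPath`, both the arbitrary-file-read the answer describes and the unvalidated-header data Fortify reported are closed by the same validation; if attachments are tracked in a database, looking the name up by an attachment id instead of accepting it from the client removes the need to validate it at all.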