Exemplo n.º 1
0
        private static bool IsValidFileExtensionAndSignature(Stream stream, string[] permittedExtensions)
        {
            try
            {
                var ext = "." + FindMimeHelpers.GetExtensionsFromStream(stream)[0];

                if (string.IsNullOrEmpty(ext) || !permittedExtensions.Contains(ext))
                {
                    return(false);
                }

                return(true);
            }
            catch
            {
                return(true);
            }
        }
Exemplo n.º 2
0
        public static async Task <HugeMemoryStream> ProcessStreamedFile(
            MultipartSection section, ContentDispositionHeaderValue contentDisposition,
            ModelStateDictionary modelState, string[] permittedExtensions, long sizeLimit)
        {
            try
            {
                var memoryStream = new HugeMemoryStream();

                await section.Body.CopyToAsync(memoryStream);

                // Check if the file is empty or exceeds the size limit.
                if (memoryStream.Length == 0)
                {
                    modelState.AddModelError("Error", "The file is empty.");
                }
                else if (memoryStream.Length > sizeLimit)
                {
                    var megabyteSizeLimit = sizeLimit / 1048576;
                    modelState.AddModelError("Error", $"The file exceeds {megabyteSizeLimit:N1} MB.");
                }
                else if (!IsValidFileExtensionAndSignature(contentDisposition.FileName.Value, memoryStream, permittedExtensions))
                {
                    modelState.AddModelError("Error", $"The file type isn't permitted or the file's signature doesn't match the file's extension. {Path.GetExtension(contentDisposition.FileName.Value).ToLowerInvariant()}");
                }
                else
                {
                    if (!IsValidFileExtensionAndSignature(memoryStream, permittedExtensions))
                    {
                        modelState.AddModelError("Error", $"The file type isn't permitted or the file's signature doesn't match the file's extension. {FindMimeHelpers.GetMimeFromStream(memoryStream)} - {FindMimeHelpers.GetExtensionsFromStream(memoryStream)[0]}");
                    }

                    return(memoryStream);
                }
            }
            catch (Exception ex)
            {
                modelState.AddModelError("Error", $"The upload failed. Please contact the Help Desk for support. Error: {ex.Message}");
                modelState.AddModelError("Exception", ex.Message);
                modelState.AddModelError("StackTrace", ex.StackTrace);
            }

            return(new HugeMemoryStream());
        }