Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Forefront (SharePoint) Filtering

2 views
Skip to first unread message

Aleksandar Draskovic

unread,
Aug 10, 2009, 9:12:05 AM8/10/09
to
Hi *,

I want to block upload of all files containing JavaScript code to document
libraries. Two questions:

1. Is it possible to block it by adding "<script" keyword in Forefront
Keyword filter without breaking something (uploading / modifying
masterpages, templates, webparts etc.)?
2. Is it possible to apply Keyword filter to chosen group of file types (eg.
*.html, *.jpg, *.gif etc)?

Thanks.

Regards,
Aleks

Aleksandar Draskovic

unread,
Aug 20, 2009, 5:43:34 AM8/20/09
to
Ok, just in case that somebody runs into the same problem. It is not
advised, to add "<script" keyword to Forefront as it can cause problems with
SharePoint from a various reasons. Also, you cannot apply keyword filter to
specific file types. To prevent Cross-Site-Scripting you can do following:

1. Upgrade to Internet Explorer 8. Internet Explorer 7 and older are
affected and nobody at Microsoft could assure me that there are going to be
patches available for. Other browsers are not affected.
2. Write an EventHandler on a Document Library, to prevent uploading bitmap
files that contains script code. It is important to check first 256 bytes of
a bitmap file - if it contains html tags, just reject it! The function that
causes this problem (Client side): FindMimeFromData()
http://msdn.microsoft.com/en-us/library/ms775107(VS.85).aspx

Regards,
Aleks


"Aleksandar Draskovic" <adras...@exchange2007.org> wrote in message
news:2C71C23B-463F-407D...@microsoft.com...

0 new messages