Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

Forefront (SharePoint) Filtering

microsoft.public.security.forefront






Speedup My PC
Reply
  #1 (permalink)  
Old 08-10-2009
Aleksandar Draskovic
 

Posts: n/a
Forefront (SharePoint) Filtering
Hi *,

I want to block upload of all files containing JavaScript code to document
libraries. Two questions:

1. Is it possible to block it by adding "<script" keyword in Forefront
Keyword filter without breaking something (uploading / modifying
masterpages, templates, webparts etc.)?
2. Is it possible to apply Keyword filter to chosen group of file types (eg.
*.html, *.jpg, *.gif etc)?

Thanks.

Regards,
Aleks

Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 08-20-2009
Aleksandar Draskovic
 

Posts: n/a
Re: Forefront (SharePoint) Filtering
Ok, just in case that somebody runs into the same problem. It is not
advised, to add "<script" keyword to Forefront as it can cause problems with
SharePoint from a various reasons. Also, you cannot apply keyword filter to
specific file types. To prevent Cross-Site-Scripting you can do following:

1. Upgrade to Internet Explorer 8. Internet Explorer 7 and older are
affected and nobody at Microsoft could assure me that there are going to be
patches available for. Other browsers are not affected.
2. Write an EventHandler on a Document Library, to prevent uploading bitmap
files that contains script code. It is important to check first 256 bytes of
a bitmap file - if it contains html tags, just reject it! The function that
causes this problem (Client side): FindMimeFromData()
http://msdn.microsoft.com/en-us/libr...07(VS.85).aspx

Regards,
Aleks


"Aleksandar Draskovic" <adraskovic@exchange2007.org> wrote in message
news:2C71C23B-463F-407D-9549-9E5AC676FC56@microsoft.com...
> Hi *,
>
> I want to block upload of all files containing JavaScript code to document
> libraries. Two questions:
>
> 1. Is it possible to block it by adding "<script" keyword in Forefront
> Keyword filter without breaking something (uploading / modifying
> masterpages, templates, webparts etc.)?
> 2. Is it possible to apply Keyword filter to chosen group of file types
> (eg. *.html, *.jpg, *.gif etc)?
>
> Thanks.
>
> Regards,
> Aleks


Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
XLS file not saving in Sharepoint after Forefront installation QH microsoft.public.security.forefront 1 03-23-2009 17:43
Quarantined items (Forefront for SharePoint) Al microsoft.public.security.forefront 2 07-29-2008 02:23
ForeFront and the others Forum microsoft.public.security.forefront 2 06-29-2008 20:05
Forefront for Sharepoint - Administring MOSS Farm ? Claus Greck [MVP] microsoft.public.security.forefront 2 03-06-2008 21:00
MS07-059 - Important: Vulnerability in Windows SharePoint Services 3.0 and Office SharePoint Server 2007 Could Result in Elevation of Privilege Within the SharePoint Site (942017) Steve Microsoft Security Bulletins 0 10-10-2007 03:51




All times are GMT +1. The time now is 09:19.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120