Ok, just in case that somebody runs into the same problem. It is not
advised, to add "<script" keyword to Forefront as it can cause problems with
SharePoint from a various reasons. Also, you cannot apply keyword filter to
specific file types. To prevent Cross-Site-Scripting you can do following:
1. Upgrade to Internet Explorer 8. Internet Explorer 7 and older are
affected and nobody at Microsoft could assure me that there are going to be
patches available for. Other browsers are not affected.
2. Write an EventHandler on a Document Library, to prevent uploading bitmap
files that contains script code. It is important to check first 256 bytes of
a bitmap file - if it contains html tags, just reject it! The function that
causes this problem (Client side): FindMimeFromData()
http://msdn.microsoft.com/en-us/libr...07(VS.85).aspx
Regards,
Aleks
"Aleksandar Draskovic" <adraskovic@exchange2007.org> wrote in message
news:2C71C23B-463F-407D-9549-9E5AC676FC56@microsoft.com...
> Hi *,
>
> I want to block upload of all files containing JavaScript code to document
> libraries. Two questions:
>
> 1. Is it possible to block it by adding "<script" keyword in Forefront
> Keyword filter without breaking something (uploading / modifying
> masterpages, templates, webparts etc.)?
> 2. Is it possible to apply Keyword filter to chosen group of file types
> (eg. *.html, *.jpg, *.gif etc)?
>
> Thanks.
>
> Regards,
> Aleks
Linear Mode
