我有一个网络应用程序,它将上传的图像保存在服务器 HD 上并从那里检索它。我的问题是这种方法有多安全?通过实施这种方法,服务器是否会受到攻击?或者,我曾考虑将 db 中的图像 bytearray 保存为 BLOB,但我在 JSF 中从 db 动态检索图像时遇到了很多问题。请帮助我,一点建议可能会有所帮助。
我在用着:
- 玻璃鱼 3.x
- JSF 莫哈拉 2.3.1
- EJB 3.0
- EclipseLink 2.3.0
问问题
88 次
1 回答
1
My question is how secure is this approach?
Depends on how you wrote the code.
Will the server be vulnerable by implementing this approach?
As said, depends on how you wrote the code. If you're for example allowing the enduser to specify a random absolute path where to store or retrieve the file, then you've obviously a security hole.
Alternatively, I have considered saving images bytearray in db as BLOB but I have experienced loads of problems retrieving images dynamically from db in JSF.
Just press Ask Question button on right top here and elaborate the concrete problem in detail and if the question is asked the smart way, you'll likely get answers how to fix the problem.
于 2012-08-14T13:01:48.710 回答