Securing uploaded files

Virus scans, encoding/decoding files, and Compression/decompression of BLOB data help to secure uploaded files.

Interfaces for the following tasks help with securing uploaded files in the Web UI Framework and the Rich Client Platform:

  • Virus scan
  • Encoding/decoding of files

Virus scan

You can plug in logic to scan an uploaded file for viruses. Use the yfs.properties file to plug in the scanner. A default implementation of virus scanning is not available.

The virus scanner interface includes the following methods. For more information, refer to the Javadoc.

  • public PLTVirusScanResponse scan(InputStream stream, PLTFileHandlerObj fileObject)

    Called first during uploads and downloads to scan the file input stream as is during the upload/download request.

  • public PLTVirusScanResponse scan(PLTFileHandlerObj fileObject)

    Called only during uploads to enable the scanning of the file written to temporary directory.

Encoding/decoding of files

Files that are uploaded can be encoded before they are streamed to a temporary server folder as part of the upload process. These files are encoded by objects of the IFileEncoderDecoder interface, which has two methods (encode and decode). A default implementation is provided for this interface. Use the sc.file.upload.encoder property of the yfs.properties file to plug in the encoder/decoder.
Note: The default encoder increases file sizes significantly.

The following includes basic information about each method. For more information, refer to the Javadoc.

  • public void encode(InputStream iStream, OutputStream oStream)

    Encodes the input stream and places it in the output stream. Called during file upload.

  • public void decode(InputStream iStream, OutputStream oStream)

    Decodes the input stream and places it in the output stream. Called during file download.

Encoding and decoding can negatively affect performance. If the sc.file.upload.encoder property is not set, then encoding and decoding are skipped.

Compression/decompression of BLOB data

You can compress and decompress data that is stored in columns and tables. The actual file content, stored as bytes in the PLT_FILE_DATA table, follows this mechanism by marking the column as CompressionSupported=true and UseCompression=true.