HTML 5 file transfer = danger
Posted: Tue Apr 29, 2014 2:27 am
Is there any way to have HTML 5 file transfer for file upload and disable HTML 5 file transfer for download?
Through assigning an application to a user, I thought I would be able to control the applications available to the user. However, I need the capability to have the user upload files, so I need to turn on HTML 5 Transfer. But I do not wish to allow the user access to the Windows file dialog which is displayed with HTML 5 file transfer for download. Even with drive C hidden and best available file security, a user will be able to download files in any directory that the program need access to (e.g. \windows, \program files). As well as run applications that are not assigned to the user or when I do not want them too. Also the user can even upload an unauthorized program then on the HTML 5 download run the program on the server. Anyway is there a way to disable the file dialog on the HTML 5 file download?
Thanks
Robert.
Through assigning an application to a user, I thought I would be able to control the applications available to the user. However, I need the capability to have the user upload files, so I need to turn on HTML 5 Transfer. But I do not wish to allow the user access to the Windows file dialog which is displayed with HTML 5 file transfer for download. Even with drive C hidden and best available file security, a user will be able to download files in any directory that the program need access to (e.g. \windows, \program files). As well as run applications that are not assigned to the user or when I do not want them too. Also the user can even upload an unauthorized program then on the HTML 5 download run the program on the server. Anyway is there a way to disable the file dialog on the HTML 5 file download?
Thanks
Robert.