dotnet · DotVVMHeads-up
DotVVM Adds Required Cryptographic Token for File Uploads
DotVVM now requires a cryptographic token for file upload requests and adds the `DotvvmConfiguration.
What changed
DotVVM now requires a cryptographic token for file upload requests and adds the `DotvvmConfiguration.Security.AuthorizeFileUpload` option to restrict uploads to authorized users.
Who it affects
All users of DotVVM with configured file upload storage.
What to do today
Update DotVVM to version 4.3.15, 4.2.11, or 5.0.0-preview09 or later, and consider configuring file upload to a dedicated partition with limited size.
The trail
Collected→
Audited→
Written→
Published
Source
GitHub Advisory · DotVVM