ElectronJS to Java to SQL file upload - how to be secure?
I have an internal-only ElectronJS/NodeJS desktop app in a corporate environment. Users install the app on their company computers. The app, being ElectronJS, has an Angular6 front-end packaged with it as the renderer. We are using internal OAuth authentication with JWTs over HTTPS for the login as well, and the backend Java REST API that gets/sends data for this ElectronJS app requires valid JWTs. All infrastructure is internal and within our network and the backend Java REST API is hosted within Pivotal Cloud Foundry.
The app watches for USB storage devices to be plugged in (via a Powershell command in ElectronJS), looks for JPEG images, and displays them (a similar look to Windows File Explorer). It runs a set of business logic on the images and requires that they be JPEGs and have a certain lat/long location in the metadata as well. The user then clicks a button to upload these images to our Java Spring Boot REST API where they get passed on to a 2016 MS SQL database and stored as a BLOB.
My question is... given the fact that the user is logged in with our own OAuth system, JWTs are required on the REST API calls, the app is hosted all internally and transmits over HTTPS, only certain users can even login to the app with the appropriate AD group, and there is business logic on the front-end ElectronJS app to even consider uploading the images...is there any need for a virus scan of any kind to make sure nothing malicious is somehow getting uploaded? If so, where would this take place in the described process?
security file-upload spring-security electron blob
asked Mar 8 at 2:30 by Andy, edited Mar 8 at 2:44
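The controls listed in the question (internal OAuth, JWTs on every call, HTTPS, AD group membership, business logic in the Electron renderer) all establish who is calling the API; none of them says anything about the bytes in the request body. Anyone holding a valid JWT, including malware running on a logged-in user's machine, can POST arbitrary bytes to the Spring Boot endpoint without going through the app's USB-scanning flow. The example below, added here and not code from the original post or from the poster's project, shows what the server-side gate for "must be a JPEG with a lat/long inside the expected area" looks like when it inspects the file structure rather than trusting the extension or the client. It is written in Node-style JavaScript so it runs stand-alone; the Spring Boot endpoint needs the equivalent walk in Java. The function names, `ALLOWED_AREA` and the constructed sample file are assumptions for the example. It is not a malware scanner: it rejects anything that is not a well-formed JPEG carrying an EXIF GPS position, which is the precondition the question describes, but a scan of the accepted bytes, if wanted, would also sit at the API before the BLOB insert.

```javascript
// Added example (not from the original post): structural validation of an uploaded
// "JPEG" and extraction of its EXIF GPS position, so acceptance rests on the bytes
// rather than on the extension or the Electron renderer's business logic. The Spring
// Boot endpoint must repeat an equivalent check: anyone holding a valid JWT can POST
// arbitrary bytes to it without launching the app. ALLOWED_AREA is a hypothetical rule.
const ALLOWED_AREA = { minLat: 40.4, maxLat: 41.0, minLon: -74.3, maxLon: -73.7 };

// A JPEG starts with SOI (FF D8) and ends with EOI (FF D9); the extension proves nothing.
function isJpeg(buf) {
  return buf.length >= 4 && buf[0] === 0xFF && buf[1] === 0xD8 && buf[buf.length - 2] === 0xFF && buf[buf.length - 1] === 0xD9;
}

// Walk the marker segments that precede the image data and return the TIFF
// payload of the first APP1 segment carrying the "Exif\0\0" header, or null.
function findExifPayload(buf) {
  let pos = 2;
  while (pos + 4 <= buf.length) {
    if (buf[pos] !== 0xFF) return null;                    // not at a marker: corrupt file
    const marker = buf[pos + 1];
    if (marker === 0x01 || (marker >= 0xD0 && marker <= 0xD8)) { pos += 2; continue; } // no length field
    if (marker === 0xDA || marker === 0xD9) return null;   // SOS/EOI: EXIF must come before these
    const len = buf.readUInt16BE(pos + 2);                 // includes its own two bytes
    if (len < 2 || pos + 2 + len > buf.length) return null;
    if (marker === 0xE1 && len >= 8 && buf.toString('latin1', pos + 4, pos + 10) === 'Exif\0\0')
      return buf.subarray(pos + 10, pos + 2 + len);
    pos += 2 + len;
  }
  return null;
}

// Parse the TIFF structure inside the EXIF payload; return {lat, lon} in signed
// decimal degrees, or null when any GPS tag is missing or malformed.
function readGps(tiff) {
  if (tiff.length < 8 || !['II', 'MM'].includes(tiff.toString('latin1', 0, 2))) return null;
  const le = tiff[0] === 0x49;                             // 'I' = little-endian ("Intel")
  const u16 = (o) => (le ? tiff.readUInt16LE(o) : tiff.readUInt16BE(o));
  const u32 = (o) => (le ? tiff.readUInt32LE(o) : tiff.readUInt32BE(o));
  if (u16(2) !== 0x2A) return null;
  // One IFD: 2-byte entry count, then 12-byte entries (tag, type, count, value-or-offset);
  // every read is bounds-checked so a truncated or crafted IFD cannot read past the buffer.
  const readIfd = (offset) => {
    const entries = new Map();
    const n = offset + 2 <= tiff.length ? u16(offset) : 0;
    for (let i = 0, e = offset + 2; i < n && e + 12 <= tiff.length; i++, e += 12)
      entries.set(u16(e), { type: u16(e + 2), count: u32(e + 4), at: e + 8 });
    return entries;
  };
  // Three RATIONALs (deg, min, sec) at the offset held in the entry; a zero denominator is rejected.
  const rat = (o) => (u32(o + 4) === 0 ? NaN : u32(o) / u32(o + 4));
  const dms = (entry) => {
    if (!entry || entry.type !== 5 || entry.count !== 3) return null;
    const off = u32(entry.at);
    if (off + 24 > tiff.length) return null;
    const deg = rat(off) + rat(off + 8) / 60 + rat(off + 16) / 3600;
    return Number.isFinite(deg) ? deg : null;
  };
  // One ASCII reference letter ("N"/"S"/"E"/"W"), stored inline because count <= 4.
  const ref = (e) => (e && e.type === 2 && e.count >= 1 && e.count <= 4 && e.at < tiff.length ? String.fromCharCode(tiff[e.at]) : null);
  const gpsPtr = readIfd(u32(4)).get(0x8825);              // IFD0 -> GPS IFD pointer (LONG)
  if (!gpsPtr || gpsPtr.type !== 4) return null;
  const gps = readIfd(u32(gpsPtr.at));
  const lat = dms(gps.get(0x0002)), lon = dms(gps.get(0x0004));
  const latRef = ref(gps.get(0x0001)), lonRef = ref(gps.get(0x0003));
  if (lat === null || lon === null || !['N', 'S'].includes(latRef) || !['E', 'W'].includes(lonRef)) return null;
  return { lat: latRef === 'S' ? -lat : lat, lon: lonRef === 'W' ? -lon : lon };
}

// The decision the API should make before anything is written to the BLOB column.
function validateUpload(buf, area) {
  if (!isJpeg(buf)) return { ok: false, reason: 'not a JPEG (bad SOI/EOI)' };
  const exif = findExifPayload(buf);
  if (!exif) return { ok: false, reason: 'no EXIF APP1 segment' };
  const pos = readGps(exif);
  if (!pos) return { ok: false, reason: 'no GPS position in EXIF' };
  const inside = pos.lat >= area.minLat && pos.lat <= area.maxLat && pos.lon >= area.minLon && pos.lon <= area.maxLon;
  return inside ? { ok: true, pos } : { ok: false, reason: 'position outside allowed area', pos };
}

// Constructed sample input (not a real photo): a minimal JPEG whose only content is
// an EXIF APP1 segment with a little-endian TIFF holding a GPS IFD.
function buildSampleJpeg(lat, lon) {
  const tiff = Buffer.alloc(128);
  const entry = (at, tag, type, count, value) => {
    tiff.writeUInt16LE(tag, at); tiff.writeUInt16LE(type, at + 2); tiff.writeUInt32LE(count, at + 4);
    if (typeof value === 'string') tiff.write(value, at + 8, 'latin1'); else tiff.writeUInt32LE(value, at + 8);
  };
  const dmsAt = (off, absDeg) => {
    const d = Math.floor(absDeg), m = Math.floor((absDeg - d) * 60);
    const s = Math.max(0, Math.round((absDeg - d - m / 60) * 3600 * 10000)); // seconds, 1/10000 resolution
    [[d, 1], [m, 1], [s, 10000]].forEach(([n, q], i) => { tiff.writeUInt32LE(n, off + i * 8); tiff.writeUInt32LE(q, off + i * 8 + 4); });
  };
  tiff.write('II', 0, 'latin1'); tiff.writeUInt16LE(0x2A, 2); tiff.writeUInt32LE(8, 4); // TIFF header, IFD0 at 8
  tiff.writeUInt16LE(1, 8); entry(10, 0x8825, 4, 1, 26); tiff.writeUInt32LE(0, 22);     // IFD0: GPS IFD at 26
  tiff.writeUInt16LE(4, 26); tiff.writeUInt32LE(0, 76);                                 // GPS IFD: 4 entries, no next IFD
  entry(28, 0x0001, 2, 2, lat < 0 ? 'S' : 'N'); entry(40, 0x0002, 5, 3, 80);
  entry(52, 0x0003, 2, 2, lon < 0 ? 'W' : 'E'); entry(64, 0x0004, 5, 3, 104);
  dmsAt(80, Math.abs(lat)); dmsAt(104, Math.abs(lon));
  const app1 = Buffer.from([0xFF, 0xE1, 0, 0]); app1.writeUInt16BE(2 + 6 + tiff.length, 2);
  return Buffer.concat([Buffer.from([0xFF, 0xD8]), app1, Buffer.from('Exif\0\0', 'latin1'), tiff, Buffer.from([0xFF, 0xD9])]);
}

console.log(validateUpload(buildSampleJpeg(40.7128, -74.0060), ALLOWED_AREA)); // inside the area: ok
console.log(validateUpload(Buffer.from('MZ\x90\x00 renamed to photo.jpg', 'latin1'), ALLOWED_AREA)); // rejected
```

Storing the bytes in a BLOB column does not execute them; the exposure is whatever later reads, decodes or displays them, which is why the gate belongs in the API before the INSERT and not only in the renderer. The check above only proves the upload is a structurally sane JPEG with a GPS position in the expected place; it does not prove the decoder that eventually opens the picture is safe against a malformed image, which is the part an antivirus or image re-encoding step would address.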