0

I'm trying to restrict a particular folder on my site to only allow certain files to be posted via mobile device.

We are exporting data and movies from iPhones and iPod touches, so I'd like to limit the browser user-agent type to Safari, as well. Is this done through the http handler?

TristanK
  • 8,953
  • 2
  • 27
  • 39
tim m
  • 1
  • 1

1 Answers1

0

How is the upload being accomplished?

It's probably easiest to do it through your upload page/handler/module.

You could implement Request Filtering to watch for certain keywords when in that path, depending on how your upload page works, but it'd likely not be a "graceful" failure, more just a "Server returned error" type experience.

If the clients are {your own} IOS apps, it might not matter, and the poor experience would be reserved for those faking it, which might be acceptable.

TristanK
  • 8,953
  • 2
  • 27
  • 39
  • The files are being posted via http post from the device and the user does not actually visit the page. I'd like to set permission on the folder in iis to only allow the specific file type and browser to safari. Hopefully this will exclude any false uploads or potential security risks. – tim m Mar 30 '11 at 14:02
  • Request Filtering doesn't seem to support all-but headers (it uses Deny strings, but not Allow, at least in the Filtering Rules section). Whatever the target of the POST (which is presumably a page/module/something? Because IIS doesn't, on its own, accept POSTs of files, as far as I know), it'll be easiest to check the User-Agent header there for a Safari string and ignore the post if not. – TristanK Mar 30 '11 at 15:48
  • (or just filter out all the common User-Agent s by unique string with Deny rules in Request Filtering). – TristanK Mar 30 '11 at 15:49