Lasso have a means of extracting an uploaded zip file to a specified path?

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Lasso have a means of extracting an uploaded zip file to a specified path?

codylentz
_=?utf-8?Q?Lasso_8.6?=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Trying to provide a means of allowing people to upload zips and have them e=
xtracted to a particular file path. It seems like zip functionality has bee=
n added in Lasso 9 but I'm curious if there is in fact a method for doing t=
his in 8.6 or if anyone has any suggestions.

Answers can be directed to http://stackoverflow.com/questions/19100471/lass=
o-have-a-means-of-extracting-an-uploaded-zip-file-to-a-specified-path-lasso=




#############################################################
This message is sent to you because you are subscribed to
  the mailing list Lasso
[hidden email]
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso have a means of extracting an uploaded zip file to a specified path?

Bil Corry-3
Be sure to test your solution with a zip bomb to ensure someone can't DoS
your server:

http://en.wikipedia.org/wiki/Zip_bomb


- Bil


On Mon, Sep 30, 2013 at 7:43 PM, <[hidden email]> wrote:

> _=?utf-8?Q?Lasso_8.6?=
> Content-Type: text/plain; charset=utf-8
> Content-Transfer-Encoding: quoted-printable
>
> Trying to provide a means of allowing people to upload zips and have them
> e=
> xtracted to a particular file path. It seems like zip functionality has
> bee=
> n added in Lasso 9 but I'm curious if there is in fact a method for doing
> t=
> his in 8.6 or if anyone has any suggestions.
>
> Answers can be directed to
> http://stackoverflow.com/questions/19100471/lass=
>
> o-have-a-means-of-extracting-an-uploaded-zip-file-to-a-specified-path-lasso=
>
>
>
>
> #############################################################
> This message is sent to you because you are subscribed to
>   the mailing list Lasso
> [hidden email]
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>
>

#############################################################
This message is sent to you because you are subscribed to
  the mailing list Lasso
[hidden email]
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso have a means of extracting an uploaded zip file to a specified path?

Jolle Carlestam-3
The things you learn!
How do you protect your server from a zip bomb if you allow uploads of zip files that are unpacked by Lasso?

HDB
Jolle

1 okt 2013 kl. 10:15 skrev Bil Corry <[hidden email]>:

> Be sure to test your solution with a zip bomb to ensure someone can't DoS
> your server:
>
> http://en.wikipedia.org/wiki/Zip_bomb
>
>
> - Bil


#############################################################
This message is sent to you because you are subscribed to
  the mailing list Lasso
[hidden email]
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Lasso have a means of extracting an uploaded zip file to a specified path?

Bil Corry-3
One would hope the zip library being used can detect and abort recursive
zip files.  Best to test to ensure that's the case.

- Bil


On Tue, Oct 1, 2013 at 11:34 AM, Jolle Carlestam
<[hidden email]>wrote:

> The things you learn!
> How do you protect your server from a zip bomb if you allow uploads of zip
> files that are unpacked by Lasso?
>
> HDB
> Jolle
>
> 1 okt 2013 kl. 10:15 skrev Bil Corry <[hidden email]>:
>
> > Be sure to test your solution with a zip bomb to ensure someone can't DoS
> > your server:
> >
> > http://en.wikipedia.org/wiki/Zip_bomb
> >
> >
> > - Bil
>
>
> #############################################################
> This message is sent to you because you are subscribed to
>   the mailing list Lasso
> [hidden email]
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>
>

#############################################################
This message is sent to you because you are subscribed to
  the mailing list Lasso
[hidden email]
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>