APEX

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Security implication of 'Allow Public File Upload' to Yes

MSKFeb 10 2013 — edited Feb 11 2013

Hi
I am concerned about setting 'Allow Public File Upload' to Yes. Per the help text "Select Yes to permit unauthenticated users to upload files in applications that provide file upload controls. Select No to prevent unauthenticated users from uploading files in applications that provide file upload control"

That means anyone who has access to the URL can upload files of any type in to the application without any authentication.

Is this true?

Is this not a security risk in that case? Are there any alternatives which would allow 'authenticated' users to upload files via apex application.

Thank you
Kumar

Locked Post

New comments cannot be posted to this locked post.

Locked on Mar 11 2013

Added on Feb 10 2013

#apex-discussions

3 comments

1,131 views