
How to check if the same downloaded file is being uploaded?

We have an application and one of its features allows the user to download an Excel file template from the Web portal. The user is supposed to make a few changes in it and upload the same. As per the requirement we need to make sure that the user uploads the same file that he had originally downloaded.

So a different file with the same name and extension should not be allowed as well. Checking the checksum value won't help as it changes when the content is modified. Therefore we need some mechanism that would allow us to identify each file uniquely.

Something doesn't look "right" in the flow you've described. What are you trying to protect the server from? Malicious Excel? Wrong data supplied? In general, you should never trust a client: even if you embed some "information" into the file (not necessarily Excel), you cannot guarantee on the server that the user won't extract it and paste it into a malicious file.

So in my understanding, you should better protect the data, not the Excel page itself. When the data gets submitted to the server after modifications, if it's important to your flow, extract it from Excel and validate it before storing. If you work in a "garbage in - garbage out" model, just store the Excel file as is and don't deal with it.

Assuming the file is generated for each download, include some identification number, e.g. in cell A1, and then make row 1 hidden.

In such a case, try to make the Excel document protected with a password, so that the user can only input data in certain fields to make sure the row is not unhidden and modified.

I have, several years ago, implemented something similar, where I had a sheet full of data collected from other sheets, so I could easily import/export the data and then protect it and send it away.
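
An added example, not part of the original answers: one way to make the per-download identification number from the answer above unforgeable is to have the server sign it with an HMAC and bind it to the user and template. The names `issue_token`, `verify_token`, `SERVER_KEY`, `TOKEN_TTL` and the one-upload-per-token rule are assumptions for illustration; reading and writing the cell itself is left to whatever spreadsheet library the application uses.

```python
import base64
import hashlib
import hmac
import secrets
import time

SERVER_KEY = secrets.token_bytes(32)  # assumption: server-side secret, persisted in practice
TOKEN_TTL = 7 * 24 * 3600             # assumption: a template may be returned within a week
_redeemed = set()                     # stand-in for a database table of used nonces


def _tag(payload):
    return hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).digest()


def issue_token(user_id, template_id, now=None):
    """Value to write into the hidden cell (e.g. A1) of a freshly generated template."""
    if "|" in user_id or "|" in template_id:
        raise ValueError("'|' is reserved as the field separator")
    issued = int(time.time() if now is None else now)
    payload = f"{user_id}|{template_id}|{issued}|{secrets.token_hex(8)}"
    return payload + "|" + base64.urlsafe_b64encode(_tag(payload)).decode()


def verify_token(token, user_id, template_id, now=None):
    """Check the cell value read back from an uploaded workbook."""
    try:
        payload, tag_b64 = token.rsplit("|", 1)
        tok_user, tok_template, issued, nonce = payload.split("|")
        tag = base64.urlsafe_b64decode(tag_b64)
        issued_at = int(issued)
        expected = _tag(payload)
    except (ValueError, TypeError, AttributeError):
        return False  # malformed or missing cell value
    if not hmac.compare_digest(tag, expected):
        return False  # forged or edited token
    if (tok_user, tok_template) != (user_id, template_id):
        return False  # issued to another user or for another template
    current = time.time() if now is None else now
    if current - issued_at > TOKEN_TTL:
        return False  # expired
    if nonce in _redeemed:
        return False  # already uploaded once (replay)
    _redeemed.add(nonce)
    return True
```

A valid token only shows that this user was issued this template; as the first answer notes, the cell can be copied into any other workbook, so the submitted data still has to be extracted and validated on the server.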
