can we find a way to allow customers to control what types of files are uploaded? This one was a situation where applicants were uploading HTML files with loads of Javascript that incurred hundreds of web requests which hit our threshold on the number of web requests from a single IP address and the customer encountered "Please Try Again Later".
In a worse case scenario, I suppose someone could upload an HTML file with more malicious intent. In any case, beyond this scenario, customers repeatedly need a way to ensure they are having students upload appropriate file types - ultimately, customers typically want to ensure they have the right kind of software to open the file type that is uploaded. Controlling file type would help in this situation.
Employee Name | David Welch |
Client Name "shard name" | stlouisgraduates |
User | System Admin |
Functional Unit | Files |
Additional information from stlouisgraduates (ZD Ticket #53319):
I have another example of this issue causing significant problems. I realize you have already asked the product team to consider blocking HTML documents from being uploaded, but want to provide more data to support this need.
Today we had a call from the executive director of an agency that provides one of the scholarships on our site. They had assigned all apps to reviewers and were getting a number of complaints from reviewers who cannot open documents that students uploaded to their applications.
To determine the extent of the problem, I downloaded the documents for all 60 submitted applications. I then attempted to open each document. One-third of the students (20) had uploaded HTML documents. It seems that many, if not all, were created in Firefox. If I am using Firefox to access AcademicWorks and click on one of these uploads, it will open. However, we know that not all reviewers use Firefox. We cannot, at this late date, go back to all the students and ask them to upload another format. I will now have to open every HTML uploaded document, save it as a pdf, become user, and upload the new pdf to the application.
I’m quite certain this will be an ongoing issue as more of our opportunities begin conducting reviewers. I can’t image the manpower, and therefore salary dollars, we will expend on creating pdfs and re-uploading student documents. I sincerely hope your team will put something in place to stop students from uploading these file types in the future.
Thanks, in advance, for representing our needs as your company considers future system fixes and enhancements.
Ellen Vietor