File created with name [object formdata] but it must be name delivery.xlsx

Question

1.00/5 (1 vote)

See more:

.NET2.0

, +

I work on asp.net core 2.2 Project with angular 7 . I face issue when download file

It created with Name [object FormData].xlsx but Name must be DeliveryGeneration_Output.xlsx .

Path returned and Created

\\192.168.2.7\\ImportExport\\2\\Export\DeliveryGeneration_Output.xlsx

so why file name created with [object FormData].xlsx and not created with DeliveryGeneration_Output.xlsx

and How to solve this Issue ?

What I have tried:

C#

on Angular 7

public uploadFile = (files) => {
   
    const formData = new FormData();
    
    formData.append('file', this.fileToUpload,this.fileToUpload.name);
   this.http.post('https://localhost:44396/api/ApprovalQuality/', formData,{ responseType: 'blob' })
      .subscribe((response: Blob) => saveAs(response, formData + '.xlsx'));
         
  }
on Web API .Net Core 2.2

 var memory2 = new MemoryStream();
                    using (var stream = new FileStream(exportPath, FileMode.Open))
                    {
                        stream.CopyTo(memory2);
                    }
                    memory2.Position = 0;
 return File(memory2, "text/plain", Path.GetFileName(exportPath));

Posted 7-Dec-20 14:52pm

ahmed_sa

Updated 7-Dec-20 23:39pm

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Richard Deeming · Answer 1 · 2020-12-07T23:39:00

It's going to depend on how you've initialized your exportPath variable, which you haven't shown.

However, based on the code you have shown, I suspect you're not handling the upload properly.

The name of the uploaded file will be the path, or more often just the filename, of the file on the client. Your code is running on the server. You cannot simply open the specified path on the server and expect to read the file from the client!

It might appear to work when you're debugging in Visual Studio. But that's only because, in that specific case, the server and the client are the same computer. Once you deploy your code to a real server, you will either get a FileNotFoundException, or in the extremely unlikely case that the file already exists in the same path on the server, you will be reading the wrong file.

You will also open up a security vulnerability - an attacker can pass the path of any file on your server and have it send in the response. They could use that to read your web.config or appSettings.json files, which could reveal information you don't want them to see. They could use it to download your application binaries, which they could then decompile to see your source code. They may even be able to download your database files.

The file upload name is for information only, and should not be trusted. You need to read the uploaded file contents from the IFormFile instance's stream.

Upload files in ASP.NET Core | Microsoft Docs[^]
IFormFile Interface (Microsoft.AspNetCore.Http) | Microsoft Docs[^]