Skip to content

959914: Resolved the network team shared security issue in azure provider of file manager component.#55

Merged
Indhumathy-Loganathan merged 3 commits intomasterfrom
959914-SecurityIssues
Oct 13, 2025
Merged

959914: Resolved the network team shared security issue in azure provider of file manager component.#55
Indhumathy-Loganathan merged 3 commits intomasterfrom
959914-SecurityIssues

Conversation

@ArulmozhiSF4964
Copy link
Collaborator

@ArulmozhiSF4964 ArulmozhiSF4964 commented Sep 15, 2025
edited
Loading

Bug description

959914 - Need to handle the security issues in File Manager Azure service providers.

Root cause

No reproducible issues are shared. However as per the network team scanning report validated the issues.

Solution description

As per the Syncfusion AI and network team suggestion modified the service provider model file.

Impact assessment

  • Low - Affects a single feature with minimal user impact
  • Medium - Affects multiple features or has moderate user impact
  • High - Critical functionality or significant user impact

Reason for not identifying earlier

Areas tested against this fix

  • Ensured all the basic functionality of the filemanager component in both 8.0 and 9.0 versions
  • Verified single file download and delete functionality
  • Verified multiple files and folder download and delete functionality
  • Verified nested folder download and delete functionality
  • Validated download and delete operations using key actions
  • Tested files with special characters in their names for both download and delete
  • Verified long file name handling during download and delete
  • Checked Unicode and non-ASCII character file names for proper download and delete behavior
  • Ensured deletion of multiple files simultaneously
  • Validated that access control rules successfully restrict download and delete permissions for individual file and folder, entire files and folders, and nested directory structures
  • Confirmed download and delete operations across multiple devices and platforms:   
    • Desktop: Windows (Chrome, Firefox, Edge), macOS (Chrome, Edge)   
    • Mobile: Android (Chrome on OnePlus and Samsung, Firefox on Samsung), iOS (Firefox)

Breaking changes

  • Yes
  • No

If yes, provide breaking commit details link and migration guidance.

Regression testing

  • Verified fix doesn't reintroduce previous bugs
  • Checked edge cases and error scenarios
  • NA

Action taken to prevent recurrence

  • Added/updated unit tests
  • Other (specify): _________________
  • NA

Automation status

  • BUnit (provide PR link: _________________)
  • Playwight (provide PR link: _________________)
  • NA

Cross-platform verification

  • Blazor Server
  • Blazor WASM
  • NA

Related issues

Is this issue present in EJ2 or other components?

  • Resolved in EJ2 (PR link: _________________)
  • Created task for EJ2 (Task link: _________________)
  • Needs attention in other components (tag needs-attention-coreteam)
  • NA

Output screenshots

API changes

  • New API added (API Review task link: _________________)
  • Existing API renamed/modified (API Review task link: _________________)
  • No API changes

Performance verification

  • Verified no memory leaks introduced
  • Verified no performance degradation
  • Not applicable

Reviewer Checklist

  • Code changes follow component guidelines
  • All provided information reviewed and verified
  • Solution addresses the root cause effectively

@Indhumathy-Loganathan Indhumathy-Loganathan merged commit 36c465f into master Oct 13, 2025
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Indhumathy-Loganathan Indhumathy-Loganathan Indhumathy-Loganathan approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ArulmozhiSF4964 @Indhumathy-Loganathan