RE: [coldbox:3423] Upload files by convention?

Interesting thoughts. We have a FileManagementService that wraps a
number of CFFile and CFDirectory tasks. We usually call it from our
handler and tell it what to do with the uploaded file.


I’m kinda thinking out loud here, but another thought is that I could specify allowed file types. When a file is uploaded I want it to go into a directory outside the webroot (so a potential DOS attack can’t execute the file before it is deleted), if the file is valid, the interceptor could actually move the file if valid or delete it, all transparent to the model.