I am using a .NET application, in which there is a feature to upload files (.doc .xls) onto the server. How do I ensure that the end user is uploading only permitted file type(s) & not files containing any malicious code which can lead to the compromise of the server? Please suggest security measures that should be taken to avoid any such unwanted upload.









"This e-mail message may contain confidential, proprietary or legally privileged information. It should not be used by anyone who is not the original intended recipient. If you have erroneously received this message, please delete it immediately and notify the sender. The recipient acknowledges that ICICI Bank or its subsidiaries and associated companies, (collectively "ICICI Group"), are unable to exercise control or ensure or guarantee the integrity of/over the contents of the information contained in e-mail transmissions and further acknowledges that any views expressed in this message are those of the individual sender and no binding nature of the message shall be implied or assumed unless the sender does so expressly with due authority of ICICI Group.Before opening any attachments please check them for viruses and defects."