Secure File Handling
• No file input/output is allowed.
• File upload and download:
◦ Only Windchill standard upload/download APIs can be used to upload/download Windchill business objects
◦ Upload file type is verified
◦ Basic path check is done for file names/paths
◦ File names containing “..\” or “../” are rejected or sanitized.
◦ File names containing a null character (“\u0000”) are rejected.
◦ File locations must be validated to confirm that the source/destination is as expected (for example, a secure internal temp file location).
◦ A complete file path is not included in any request or response, or in a user-visible message (it can be logged).
• Report generation through provided Windchill report capabilities:
◦ Reports must follow the expected report format.
◦ Report access must be enforced allowing only those with appropriate permissions to access or receive a generated report.
◦ Reports must be stored in a secure location.
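The file name and location checks listed under "File upload and download", as an added example in plain Java (not Windchill API code and not from the original page). The class name, the extension allow-list and the temp directory are assumptions made for illustration.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Locale;
import java.util.Set;
public class UploadNameCheck {
    // Assumption: an extension allow-list stands in for the file type check.
    private static final Set<String> ALLOWED_EXT = Set.of("pdf", "txt", "csv");

    // Returns the destination inside baseDir; throws SecurityException otherwise.
    static Path resolveUpload(Path baseDir, String name) throws IOException {
        if (name == null || name.isEmpty() || name.indexOf('\u0000') >= 0) {
            throw new SecurityException("file name rejected");   // empty or null character
        }
        if (name.contains("../") || name.contains("..\\")) {
            throw new SecurityException("file name rejected");   // traversal sequence
        }
        if (name.indexOf('/') >= 0 || name.indexOf('\\') >= 0) {
            throw new SecurityException("file name rejected");   // basic path check
        }
        int dot = name.lastIndexOf('.');
        String ext = dot < 0 ? "" : name.substring(dot + 1).toLowerCase(Locale.ROOT);
        if (!ALLOWED_EXT.contains(ext)) {
            throw new SecurityException("file type rejected");
        }
        // Validate the location: the target must stay under the expected directory.
        Path base = baseDir.toRealPath();
        Path dest = base.resolve(name).normalize();
        if (!dest.startsWith(base) || dest.equals(base)) {
            throw new SecurityException("file location rejected");
        }
        return dest;
    }

    public static void main(String[] args) throws IOException {
        Path base = Files.createTempDirectory("upload-check");   // constructed temp location
        String[] samples = {"report.pdf", "../secret.txt", "..\\boot.txt",   // constructed names
                            "a/b.txt", "notes.txt\u0000.exe", "tool.exe"};
        for (String s : samples) {
            try {
                Path dest = resolveUpload(base, s);
                // Only the file name is shown, never the complete path.
                System.out.println("accepted: " + dest.getFileName());
            } catch (SecurityException e) {
                System.out.println(s.replace('\u0000', '?') + " -> " + e.getMessage());
            }
        }
    }
}
```

Only "report.pdf" is accepted; each of the other constructed names is rejected with a message that carries no path information.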