The ASPxUploadControl provides the capability to choose from two upload modes (Standard and Advanced) using the ASPxUploadControl.UploadMode property. You can also set the property to Auto to select the upload mode automatically.
This is a standard FileUpload-based upload mode in which the uploaded file is sent to the server in a single request, and is cached in its entirety in the server memory. This mode works well with small files and is not suitable for uploading large files (such as 1GB files). The ASP.NET worker process has a virtual address space of 2GB. However, the ASP.NET worker process only uses a little more than 1 GB because of ASP.NET health monitoring and memory fragmentation (see the Cannot Upload Large Files... topic on the Microsoft website for more details).
Additionally, ASPxUploadControl requires memory for upload progress visualization. Therefore, the actual maximum size of a file that can be uploaded using ASPxUploadControl in Standard Upload Mode with upload progress visualization enabled (the ASPxUploadControl.ShowProgressPanel property is set to true) is about 2GB/3 = 633MB.
Allowing large file uploads in this mode also requires that you increase the Request length limit (using the Web.Config file's maxRequestLength configuration setting), which is not protected against denial-of-service (DoS) attacks caused by users who post large files to the server.
In Standard Upload Mode, a file upload is initiated automatically on the next postback.
In this mode, the uploaded file is sent to the server in small packets (one at a time). The packets are saved into a temporary file, which has the .tmp extension, until upload is complete. You can use the UploadAdvancedModeSettings.TemporaryFolder property to specify the folder containing temporary files.
Note that files are deleted from the temporary folder in the following cases.
Once a file is uploaded.
After the pre-defined time has elapsed. This period of time is defined by the UploadAdvancedModeSettings.UploadingExpirationTime property and is set to 6 hours, by default. Note that the file is removed only if the server hasn't been restarted during this time. If the server is rebooted during this time, the file will be removed in 6 days.
Advanced Upload Mode implementation is based on HTML5 technology. If HTML5 support is not available in an end-user browser, Advanced Upload Mode uses technologies provided by Microsoft Silverlight. If HTML5 is not supported and Silverlight is not installed or is disabled, a specific message is rendered instead of the ASPxUploadControl, providing end-users with a Silverlight download link.
Using Advanced Upload Mode has the following benefits.
Uploading Large Files
Sending a file in small packets allows end-users to upload large files without using a large amount of web server memory, because only one packet per file is stored in memory at a time. The packet size (which by default is 200 KB) can be customized by the UploadAdvancedModeSettings.PacketSize property. The server folder to which each uploaded file is saved can also be specified via the UploadAdvancedModeSettings.TemporaryFolder property (the default path is "~\App_Data\UploadTemp").
When using Advanced Upload Mode, operating the uploaded file's stream within the using statement (the Using statement in Visual Basic) is required.
Refer to the Uploading Large Files topic to learn more about how to customize ASPxUploadControl for large file uploads.
Preventing Denial-of-Service (DoS) Attacks
In Advanced Upload Mode, you are not required to define a large value for the Request length limit (controlled by the maxRequestLength configuration setting within Web.Config), since large files are sent in small chunks. A large maxRequestLength value makes a website more vulnerable to denial-of-service attacks that can be caused by end-users posting many large files to the server. Thus, Advanced Upload Mode allows you to keep the Request length limit reasonably small, preventing potential DoS attacks.
Using the functionality provided by Microsoft Silverlight, ASPxUploadControl is able to validate the file size and file extension directly on the client side, without sending files to the server. This prevents unnecessary traffic to the web server. Client validation is invoked automatically if the UploadControlValidationSettings.MaxFileSize or UploadControlValidationSettings.AllowedFileExtensions property is defined.
After a file has passed client-side validation, the ASPxUploadControl also performs a server-side validation check that provides extra protection.
Progress Indication in Medium Trust
With Advanced Upload Mode, the functionality of the upload progress indicator (controlled by the ASPxUploadControl.ShowProgressPanel property) works well in web environments that only allow medium trust. In contrast to Standard Upload Mode (in which the current progress is not updated until file upload is complete), the current progress indicator is updated after each small file packet is uploaded.
Multi-File Selection in File Open Dialog
In Advanced Upload Mode, ASPxUploadControl supports the multi-file selection capability, allowing end-users to choose multiple files to upload in a single file open dialog. Refer to the Multi-File Selection topic to learn more.
In Advanced Upload Mode, a file upload is not initiated automatically on the next postback
In this case, ASPxUploadControl uses HTML5 technology (Advanced Upload Mode). If it is unavailable, Silverlight technology (Advanced Upload Mode) is used. If Silverlight is unavailable, the upload control works in Standard Upload Mode.
Was this page helpful?
Thanks for your feedback! Any other suggestions? Tell us here.