# Security Policy

UnifiedFiler is a file-management UI/control framework. Hosts must enforce final authorization and content validation on the backend. The frontend security policy is a first line of defense and a UX guardrail.

## SecurityPolicyService

`SecurityPolicyService` validates common file operations before they reach an adapter.

Covered operations:

- list/search path normalization
- write target validation
- upload batch validation
- rename target validation
- create-folder validation
- MIME/extension allow/block policy
- package preview limits for Host consumers

Default behavior:

- Blocks path traversal.
- Blocks control characters in names.
- Blocks Windows reserved device names.
- Blocks common executable upload extensions such as `.exe`, `.bat`, `.cmd`, `.msi`, `.ps1`, `.vbs`.
- Keeps web-development files such as `.html`, `.css`, `.js`, `.json`, `.md`, and package formats usable.

## Example

```javascript
var policy = new SecurityPolicyService({
    maxUploadFileSize: 512 * 1024 * 1024,    // 512 MiB per file
    maxUploadBatchSize: 1024 * 1024 * 1024,  // 1 GiB per upload batch
    allowedExtensions: null,
    blockedExtensions: ['.exe', '.bat', '.cmd', '.msi', '.ps1']
});

var fileService = new FileService({
    registry: storageRegistry,
    securityPolicy: policy
});
```

## Backend responsibility

A backend must still validate:

- tenant boundary
- authenticated user
- role/permission
- canonical path
- actual MIME/content type
- virus scanning policy when required
- ZIP bomb and decompression policy
- per-object ownership links

Frontend-only checks are not a replacement for server-side authorization.
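
The sketch below shows how a Node backend might re-apply the canonical-path and tenant-boundary checks from the list above, together with the frontend defaults. It is an added example, not UnifiedFiler code: `resolveTenantPath`, the `/srv/files` root, the tenant id format and the sample requests are all assumptions.

```javascript
// Added example, not UnifiedFiler code. All names and values here are assumptions.
const BLOCKED_EXT = new Set(['.exe', '.bat', '.cmd', '.msi', '.ps1', '.vbs']);
const RESERVED_NAME = /^(con|prn|aux|nul|com[1-9]|lpt[1-9])(\..*)?$/i;
const CONTROL_CHAR = /[\u0000-\u001f\u007f]/;
const TENANT_ID = /^[a-z0-9_-]{1,64}$/i;

// Turn a client-supplied relative path into a canonical POSIX path under the
// tenant's root, or throw. tenantId must come from the authenticated session,
// never from the request body.
function resolveTenantPath(storageRoot, tenantId, clientPath, isUpload) {
    if (!TENANT_ID.test(tenantId)) throw new Error('bad tenant id');
    if (typeof clientPath !== 'string') throw new Error('path must be a string');
    if (CONTROL_CHAR.test(clientPath)) throw new Error('control character');

    // Treat "\" as a separator so "..\x" is seen as traversal on every platform.
    const segments = clientPath.replace(/\\/g, '/').split('/').filter(Boolean);
    if (segments.length === 0) throw new Error('empty path');
    for (const seg of segments) {
        // Dot segments are rejected rather than resolved, so the joined result
        // is canonical by construction and cannot leave the tenant root.
        if (seg === '.' || seg === '..') throw new Error('path traversal');
        if (RESERVED_NAME.test(seg)) throw new Error('reserved device name');
        // Windows strips trailing dots and spaces, so "a.exe." would land as "a.exe".
        if (/[. ]$/.test(seg)) throw new Error('trailing dot or space');
    }

    const name = segments[segments.length - 1];
    const dot = name.lastIndexOf('.');
    const ext = dot >= 0 ? name.slice(dot).toLowerCase() : '';
    if (isUpload && BLOCKED_EXT.has(ext)) throw new Error('blocked extension');

    return storageRoot.replace(/\/+$/, '') + '/' + tenantId + '/' + segments.join('/');
}

// Constructed requests, as a client that bypassed the frontend policy might send them.
function check(clientPath, isUpload) {
    try { return resolveTenantPath('/srv/files', 'acme', clientPath, isUpload); }
    catch (e) { return 'REJECTED: ' + e.message; }
}
console.log(check('docs/report.md', true));
console.log(check('docs\\..\\..\\globex/keys', false));
console.log(check('NUL.txt', true));
console.log(check('tools/setup.PS1', true));
```

This check is lexical only. A backend that stores files on a real file system should also resolve symlinks (for example with `fs.realpathSync`) and confirm the result still starts with the tenant root before opening anything.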
