We're sorry Aspose doesn't work properply without JavaScript enabled.

Free Support Forum - aspose.com

How to protect from malicious RTF content

Refer to How to insert RTF into a word document I have a follow up question.

In our scenario the RTF content is provided by some third parties to us. We use these contents and inject/insert them into a document. We just simply insert it - we don’t check the content at all. Then we save this document as docx or pdf and return it to the third party.

But what if there is some malicious content (e.g. some scripts) in the RTF? Is there something we can do here when inserting or Aspose maybe does in terms of malicious content?

We found this article (An Inside Look into Microsoft Rich Text Format and OLE Exploits) from McAfee which highlights issues with RTF.

Any input how to protect from malicious content is highly appreciated.


Unfortunately, your requirement is not clear enough. We request you please share complete detail of your use case along with sample input, problematic, and expected output documents.

Please also share the code example that you are using to create the RTF document. We will investigate the issue and provide you more detail on it.