private bool IsAllowedFile(string path)
{
if (string.IsNullOrEmpty(path))
return false;
string processed = path.Trim('/').ToLower();
if (processed.StartsWith("bin"))
return false;
var extension = System.IO.Path.GetExtension(processed).Trim('.');
return ForbiddenExtensions.Contains(extension) == false;
}