Develop Reference

How to restrict a download in asp.net web forms?

I have this code in the page_load method of an ASP.NET .aspx page that downloads a particular file from the same web site:
System.IO.FileInfo file = new System.IO.FileInfo(filePath);
if (file.Exists)
{
Response.Clear();
Response.AddHeader("Content-Disposition", "attachment; filename=" + newFileName);
Response.AddHeader("Content-Length", file.Length.ToString());
Response.ContentType = "application/octet-stream";
Response.WriteFile(filePath);
Response.Flush();
Response.End();
}
I only want to allow a download if it comes from a clickable link on any page from my own second domain xx.com. All other download attempts coming from other web sites or a direct download need to be disallowed.
How can I detect these download attempts in page_load and allow or disallow the download?

Why cant opened downloaded docx files ,in asp.net?

I try to download a docx file from serverside.
What is my wrong ?
this is code :
FileInfo file = new FileInfo(filepath);
Response.Clear();
Response.ClearHeaders();
Response.ClearContent();
Response.AppendHeader("Content-Disposition", "attachment; filename = " + ((Button)sender).CommandName + ".docx");
Response.AppendHeader("Content-Length", file.Length.ToString());
Response.ContentType = "application/octet-stream";
Response.WriteFile(file.FullName);
Response.Flush();
Response.Close();
Response.End();

I have posted something similar in another question for an PDF but here goes. It's much easier to stream this sort of data back through an ASHX handler.
Something like what I posted in this question but with a docx file.
Display PDF in iframe
It looks like you are using a normal ASP.NET page and are trying to modify the standard behavior by clearing out the headers, etc. You won't have to fiddle with the headers or anything like that with an ashx handler.

ASP.Net Download file to client browser

I'm writing a simple test page to download a text file from a browser on button click. I am getting a really strange error that I have never seen before. Any thoughts?
The error occurs on Response.End(); and the file never gets to the client browser
Code:
string filePath = "C:\\test.txt";
FileInfo file = new FileInfo(filePath);
if (file.Exists)
{
Response.ClearContent();
Response.AddHeader("Content-Disposition", "attachment; filename=" + file.Name);
Response.AddHeader("Content-Length", file.Length.ToString());
Response.ContentType = "text/plain";
Response.TransmitFile(file.FullName);
Response.End();
}
Error:
Unable to evaluate expression because the code is optimized or a native frame is on top of the call stack.

Try changing it to.
Response.Clear();
Response.ClearHeaders();
Response.ClearContent();
Response.AddHeader("Content-Disposition", "attachment; filename=" + file.Name);
Response.AddHeader("Content-Length", file.Length.ToString());
Response.ContentType = "text/plain";
Response.Flush();
Response.TransmitFile(file.FullName);
Response.End();

Just a slight addition to the above solution if you are having problem with downloaded file's name...
Response.AddHeader("Content-Disposition", "attachment; filename=\"" + file.Name + "\"");
This will return the exact file name even if it contains spaces or other characters.

How to send a file to a client so a Download dialog will open?

I have a file, say a PDF on my website and when a user visits a page I want to display a download dialog for the pdf on page load or a button click.
I did a google search and I found two ways to do this but wondering what is the accepted way of doing this? I am currently doing this
string pdfPath = MapPath("mypdf.pdf");
Response.ContentType = "Application/pdf";
Response.AppendHeader( "content-disposition",
"attachment; filename=" + name );
Response.WriteFile(pdfPath);
Response.End();
(Code was based off code from http://aspalliance.com/259, also found code from
http://www.west-wind.com/weblog/posts/76293.aspx)

Your code, will display the file to the user perfectly. But they will have to use the "Save As" option to actually save it.
If you wish to present the "Save Dialog" to the user, try the following:
string pdfPath = MapPath("mypdf.pdf");
Response.ContentType = "Application/pdf";
Response.AppendHeader("content-disposition",
"attachment; filename=" + pdfPath );
Response.TransmitFile(pdfPath);
Response.End();
This of course assumes the file actually exists on the server and is not being dynamically generated.

This code will Send Any file to directly on client Browser
Response.ContentType = "application/pdf";
Response.WriteFile(PathToFile);
Response.Flush();

Why Does FireFox Not Include the .xml Extension when Downloading a File?

OK. I'm sure it does download XML files with the .xml extension, but I'm wondering what is missing in the code here to cause the .xml extenstion to be missing from the downloaded file.
Note: This works in IE 6+ (didn't try WebKit based browsers or Opera)
private void GenerateXmlAttachment(string xmlInStringFormat, string fileName)
{
// Where fileName = "someFile.xml"
HttpResponse response = HttpContext.Current.Response;
response.Clear();
response.Charset = string.Empty;
response.ContentEncoding = Encoding.Default;
response.AddHeader("Content-Disposition", "attachment;filename=" + fileName);
response.AddHeader("Content-Length", xmlInStringFormat.Length.ToString());
response.ContentType = "text/xml";
response.Write(xmlInStringFormat);
response.Flush();
response.End();
}
Ideas anyone?

Try changing:
response.AddHeader("Content-Disposition", "attachment;filename=" + fileName);
To:
response.AddHeader("Content-Disposition", "attachment; filename=" + HttpUtility.UrlEncode(fileName));
The code works for all browsers (including Firefox which we use heavily).

Solved the firefox spaces problems.
Surround your filename with quotes.
Change the code below
response.AddHeader("Content-Disposition", "attachment;filename=" + fileName);
to
response.AddHeader("Content-Disposition", "attachment;filename=\"" + fileName + "\"");

Does your filename have space in it? Firefox may have problem with that.
See this blog post for more details:
http://blog.mjjames.co.uk/2009/04/content-disposition-in-different.html