I want an .asmx service that returns a .png file. My problem is, my web application is hosted on GoDaddy. Because of this, I can't edit the web.config file. If I could edit the web.config file, I would simply created an HTTP Handler.
My question is, is there a way to have an .asmx that returns an image? If so, how?
Why not simply have the service return the image as a byte array (byte[]).
I have no idea why you think you should edit the web.config.
It really depends on how you want to use the image.
If you chose to return a byte array like John suggests, there will be a huge overhead for serializing that to xml (or json), something like 13-15 times (for xml).
I'd suggest that you create a Generic Handler (.ashx) with a query string arg referring to the image, and write directly to the response stream.
Then in your web service, in place of the image, return the url to the handler with proper query string. The consumer of the service can then be responsible for getting the image.
Hopefully this helps.
The best way to return an image from a web service is probably just to return it either as a byte array or as a custom type which includes a byte array (as well as other information, such as image type or suggested file name, etc.).
When you say you want it to return an image, what exactly are you expecting? Do you expect an image in the way that an image renders in a web browser when linked? If so, you're going to have to manually manipulate the output. There are plenty of tutorials online about "displaying an image from a database in asp .net" which would help you.
Basically, you'd hijack the response and change its headers, write the binary image data, and end the response. It works well enough on a web page, but I've never tried it on a web service. It would, however, be considered poor form for a web service to do this. It would break the "contract" of the web service. (Which is why I'm hoping, and at least assuming, that this is not the desired effect.)
If you just want a handler that returns a PNG file, use an .ashx file. If you want a service with a method that returns a PNG file, convert the PNG to a byte array first and return the array.
Related
I am using webApi 2 for my application. i have gallery and i need a way to show my images. I've searched a lot and found some articles like these :
http://www.dotnetcurry.com/aspnet/1120/aspnet-webapi-binary-contents-images
https://jamessdixon.wordpress.com/2013/10/01/handling-images-in-webapi/
but they seems they don't have a efficient way.
so I decide to ask this question once again. how can I handle my images in web api 2 ?
what's the best approach?
Without a little more info on your use case, it's hard to know what the best way would be. Typically a formatter would be used. Then your client would make two requests, /api/Images to get all your images, then create the proper views for each image (HTML would be ). A route that accepts an extension is needed and a formatter to return the proper content type and binary data. Your controller could do all the binary streaming, but a formatter allows better flexibility.
As for BSON, I have never used BSON. Our API has so many different clients that JSON is universal for our DTO's. For images, we always use the the response body for the pure binary stream. This way there is no custom parsing that each client has to do. We can rely completely on the HTTP specs by using the proper content-type, content-length, etc. This also allows for a range request so we can stream and do partial downloads with resume. I have no doubt BSON will catch on and we'll probably use it in the future, but for now it doesn't fit our use case.
What is the easiest, lowest-friction method to read a note programmatically in Evernote? Given that you can share notes by simply generating a unique URL to them, I find it curious that you can't do this programatically as well.
Put another way, I can read notes from my browser without having to authenticate to Evernote. Can I do this programmatically as well? If I have a URL with GUID, can I use this to request the note via code and read it that way?
I attempted to do this -- to use the "Share" URL to read the note. It didn't work, for some reason. When requested programmtically, I was getting 404s for some reason, which makes me think Evernote has some safeguards against using it in this method.
Is there a way to do this -- to read note content via some service without having to authenticate?
Well actually you can. You just need to use the getNote method with an empty string as the first argument (auth token).
I have an objective to transfer some files which can be pdf, jpg and xml from one location to another. I am creating a handler based API for that. What could be the best approach for doing it? Should i return a byte array so that the client can pick the byte array and convert it back to file? Also the max file size I need to handle is 18 MB, so i have to make sure that the sizes are properly handled. Should I do an asynchronous transfer for that? If there is some sample code available it would be great.
i got it done using this: http://blog.net-tutorials.com/2009/03/16/how-to-download-a-file-from-the-internet-with-c/ but it has another issue which i mentioned in another question here:
WebClient.DownloadFileAsync downloading the file on server
I have looked through lots of Posts and have not been successful in determining how to get rid of the pesky d in the response coming from my asmx web service, as in {"d":{"Response":"OK","Auth-Key":"JKPYZFZU"}}.
This is being created by my class 'public Dictionary UserDevice' by returning the Dictionary object.
I would be perfectly happy if the damn thing just wouldn't put it all into the d object!
Basically JSON array notation ['hello'] is valid JavaScript by itself whereas JSON object notation {'d': ['hello'] } is not by itself valid JavaScript. This has the consequence of the array notation being executable which opens up the possibility of XSS attacks. Wrapping your data in an object by default helps prevent this.
You can read more about why it's there in a post by Dave Ward. (edit: as pointed out by #user1334007, Chrome tags this site as unsafe now)
A comment by Dave Reed on that article is particularly informing:
It’s one of those security features that has a very easy to
misunderstand purpose. The protection isn’t really against
accidentally executing the alert in your example. Although that is one
benefit of ‘d’, you’d still have to worry about that while evaluating
the JSON to convert it to an object.
What it does do is prevent the JSON response from being wholesale
executed as the result of a XSS attack. In such an attack, the
attacker could insert a script element that calls a JSON webservice,
even one on a different domain, since script tags support that. And,
since it is a script tag afterall, if the response looks like
javascript it will execute as javascript. The same XSS attack can
overload the object or array constructors (among other possibilities)
and thereby get access to that JSON data from the other domain.
To successfully pull that off, you need (1) a xss vulnerable site
(good.com) — any site will do, (2) a JSON webservice that returns a
desired payload on a GET request (e.g. bank.com/getaccounts), (3) an
evil location (evil.com) to which to send the data you captured from
bank.com while people visit good.com, (4) an unlucky visitor to
good.com that just happened to be logged into bank.com using the same
browser session.
Protecting your JSON service from returning valid javascript is just
one thing you can do to prevent this. Disallowing GET is another
(script tags always do GET). Requiring a certain HTTP header is
another (script tags can’t set custom headers or values). The
webservice stack in ASP.NET AJAX does all of these. Anyone creating
their own stack should be careful to do the same.
You are probably using some kind of framework that automatically wraps your web service json responses with the d element.
I know that microsoft's JSON serializer adds the d on the server side, and the client-side AJAX code that deserializes the JSON string expects it to be there.
I think jQuery works this way too.
You can read a little more about this at Rick Strahl's blog
And there is a way for you to return pure json (without the 'd' element) using the WCF "Raw" programming model.
we are using swfupload for the sake of uploading process in our project but we need add some extra parameter and send them via swfupload to aps.net page
how can I do this?
is it possible at all to passing extra parameters to a server-side page by using swfupload?
regards.
It looks like you can use the addPostParam method to add parameters which will be sent back for each file uploaded:
http://demo.swfupload.org/Documentation/#addPostParam
You might also check out this related SO question: SWFUpload "addPostParam" doesn't work
This might answer your question, but not mine. You can call swfUploader.addPostParam to add parameters to all the files being uploaded.
If you're queueing up multiple files like I am, this won't help you because it applies to ALL files in the queue, not each individual file. But if you're only uploading one file, you might be OK.