I created a file browser control which open files on client machine itself, so I don't need to bother about file path
from my application I am not able to redirect page to
file:///C:/Program%20Files/Application/readme.txt
it works for
http://
how can I configure my application to support file handler.
Thanx
If you are trying to redirect to a local file. This is not possible without knowing quite a lot of information on the client machine - for example how do you know the directory structure of the client computer?
Response.Redirect tells the client (browser) where to redirect to. A file URL will be one that is on the client machine - you would need to know in advance that the file is there, that the user has permissions to view it etc...
Are you asking how to send a file from the server?
You can do this via Response.WriteFile.
Related
What is the functionality
This web application allows user to upload to web-server, download and delete files uploaded on web-server.
Problem
After downloading a file, when user tries to delete it, an exception is thrown saying this file is being used by another process.
What can be done after download is complete so that IIS releases any lock on the file?
Are you using Server.TransferFile to serve the file from the server? Or you might have something setup in your handlers that causes a similar method to send the files.. The only thing I've seen to unlock the file is to reset IIS :-/
Instead of letting IIS serve the file if you let asp.net send it back in the Response stream then you shouldn't get a problem with the file being locked
also make sure you're disposing of any STream readers that are accessing the files..
If that doesn't help then please post code :-)
Everytime I Type in the exact path to my file I can play it even without being logged in. I want to make it where I have the files in my computer (not in a database in the computer or someone else's) I log in and I can download them from whatever computer I logged in to my site with. Direct path I want to be redirected or not available to let download. Only those logged in can download... even if everyone knows the path to the file. Possible? Appreciate your help!!!
Create an HttpModule and on the BeginRequest method check if the request is being made to a file you need to protect, if so, return a 403 https status code.
i have a asp.net website
i have some files swf files that i want to prevent downloading them
is there a solution that the IIS can have a passord for downloading the file swf file and i can provide this password in some situations on the server that i can pass this password in the code
so that the swf file can be viewed from my page only as provide the password
but no one can download it using download managers
or any other http request that request this swf file
Don't put the swf file under your web root. Put it somewhere else like C:\Inetpub\assets. Then use a .NET page or handler to provide the file upon request.
http://yoursite.com?GetAsset.ashx?filename=whatever.swf
Then the request will be part of the same session as the rest of your application and you can validate that the user is really allowed to download the swf.
You can configure IIS Authorization, to allow only authenticated user to access your resouces:
http://learn.iis.net/page.aspx/142/understanding-iis-70-url-authorization/
can you create ftp accounts on your server ? if yes , create a folder only accessible with the credentials you set then put the swf files in it ( i guess you are using a distant IIS server ).
Your hosting service may provide an admin interface were you can set some ftp accounts.
The user will have to access your files with a ftp client application.
there is something named Mine Types. If you add a Mime Type and set an extension like .swf to that you allow client to download and see all .swf files of the server. just go to Mime types tool of IIS and remove ones that you want to prevent downloading.
I'm creating a website which besides other tasks will play some recorded files. these recorded files are on a remote server with private ip address, so I've created a virtual directory which points to a share directory on the mentioned server.
now I'm able to playback the files using client side controls like wmplayer. BUT the problem is sound file urls are accessible without any authentication and authorization.
is there anyway to enforce .net authorization and authentication (in web.config) on this virtual directory? I also should mention I can not use solutions like httphandlers to download the files because file are streamed using iis so user could navigate on the file without downloading all of it)
thanx
Open IIS (I suppose you use IIS7.0 or later). Find the mentioned virtual directory and click on it. In the listed features find Authentication, right click on it and press Open Feature. Then disable anonymous authentication for this folder. Does the problem persist?
I have a system that allows the users to download some files, the user needs to login first and then he is autorized or not to download. The download page is Download.aspx?FileId=42 and the code within this page opens the file and keeps sending small chunks to the user. We made this because we needed to guarantee that only authorized users could download.
We recently moved this system to IIS7 and it is working properly, but I don't like the idea of having a custom c# code sending the chunks to the client, so I would like to know if there is a way of when a request to file.zip is made, a custom code is executed to authorize or not, and if it is authorized, I just tell IIS7 to proceed the download instead of running the code inside Download.aspx.
Is this possible?
Thanks!
Do a redirect to the zip file. Hide the zip file in a obscure location with non-regular naming. "Security through obscurity."
IIS7 has authorization that uses Forms or Windows authentication for all file types - if it's running in integrated pipeline mode. The syntax is just like that for ASP.NET applications, but it's in a different place in web.config, <system.web>. The rules can also be added using the IIS7 admin interface. There are a couple of differences, IIS7 URL authorization evaluates rules from the parent down and deny rules take precedence.