How to make ASP.NET file upload control with resume, without file size limitation and with secure connection?
Any idea?
You can split file to small part.
Upload each part separately. If connection broke, just re upload last part and continue with other.
After all parts are uploaded, just combine all parts on server in one file.
Related
I have developed File Upload web page in ASP.NET. Now user can rename a .exe file to txt or some other extension and upload the same. I want to restrict that. How I can implement that in ASP.NET?
The only safe way to do this is to get the byte [] from the file that has been posted and examine it to determine if the file is indeed in one of the formats you allow the user to upload. You don't need to save the file, you can just get the byte[] from the HttpPostedFile object.
Other than examining the content (looking for magic numbers, for example) there isn't an infallible way to make sure that the user is not attempting to upload something that you don't allow.
I am a newbie and have a requirement to upload ~2GB files via form upload.
I am unsure whether the 2GB file will be received as a whole on the "action URL" - (http://localhost:49980/videoupload.aspx) page or will it be received in parts/chunks?
Thanks in advance for clarifying!
Firstly Increasing the Maximum Upload Size
The 4MB default is set in machine.config, but you can override it in you web.config. For instance, to expand the upload limit to 20MB, you'd do this:
Then upload your file in chunk of bytes. ASP.Net: Writing chunks of file..HTTP File upload with resume and Upload Large Files in ASP.NET Using HttpModule.
you can go for this: Recommendations for best ASP.NET file upload tool
For Reference:
Streaming large file uploads to ASP.NET MVC
Multiple File Upload With Progress Bar Using Flash and ASP.NET
Upload large files in .NET
I have an ASP.NET 2 application and would like users to upload a file to be processed immediately. The file never needs to be used again, so I don't care to store it on the server as a file somewhere, which hopefully will make it more secure on our end.
Basically, they upload an excel file and I process it and display some results. I do not care to save that excel file for later.
How can I do this?
You can hold the file contents in a MemoryStream.
This will ensure it is not saved to disk.
See What is the best practice for storing a file upload to a MemoryStream (C#)? for details.
In Flex i want to upload a particular file to server form local system.how to do it?
Thanks.
You cannot upload a file without using FileReference.browse() followed by an upload(). If it was possible, that would mean that a webpage can read any file from the user's machine without his knowledge or consent.
Can you even imagine the consequences of that?
You can upload byteArrays though if you are sending some images or texts. http://developer.amazonwebservices.com/connect/thread.jspa?messageID=76422
I have a WebPage where I am giving the option to to Export the Form data to PDF. I am creating the PDF at run time and store the PDF in a "PDF" folder which is under my application directory. After creating the PDF with the SessionID name I Call following function to show the PDF file in the new browser window:
ResponseHelper.Redirect(Response, "~/PDF/" + Session.SessionID + ".pdf", "_Blank", "");
This PDF contains the private information related to the logged in user. Therefore, I want a way to delete this PDF file once it is shown in the browser to the user. This is because the IIS server allows whole development team to view this folder which is a security risk, and we can't disallow user to view this folder on the server.
Therefore, if I could delete this file as soon as it is loaded in the browser could be a solution of this security risk.
Can anyone suggest some better ways of deleting this file as soon as possbile from the application?
Thanks,
Praveen
what i guess is you are creating PDF file on runtime using Itext and then you save that PDF file in temp directory to show it to user... why don't you use
Response.WriteFile(PDFFILE);
this will write the whole file on the stream without saving it in temp folder.
One way is to write an ashx handler which streams the pdf to the browser, then deletes it when done.
Another, and much better way, is to simply build the PDF in memory (NOT using session) and stream it as soon as it's ready.
UPDATE
I'm doing this with a slightly modified version of iTextSharp. Basically, iTextSharp performed all of it's operations in memory, then saved the file to disk. I changed this to return the memory stream. All the code is already there, it was really just a line or two that had to change.
Then, I used a response.binarywrite to push the stream directly to the browser. viola! no files on disk.
An ashx handler is just like an aspx page, only it has one entry point and doesn't do all of the page processing garbage. It's light weight and communicates back to the browser by response.write calls.