(原创)文件安全下载
2009-12-09 15:14
204 查看
1、IIS设置
1)启动IIS.
2)创建一个新的名字为Security的虚拟目录.
如图设置:
代码
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Net;
using System.IO;
namespace security
{
/// <SUMMARY>
/// </SUMMARY>
public class SecureFile
{
public SecureFile()
{
}
public bool UploadFile(HtmlInputFile inputfile)
{
try
{
string fileName = "";
string DirPath = "";
if(( inputfile.PostedFile != null ) &&
( inputfile.PostedFile.ContentLength > 0 ))
{
DirPath=HttpContext.Current.Server.MapPath(
System.Configuration.ConfigurationSettings.AppSettings[
"UploadPath"]);
fileName = System.IO.Path.GetFileName(
inputfile.PostedFile.FileName );
inputfile.PostedFile.SaveAs( DirPath + "\\\" + fileName );
}
return true;
}
catch
{
return false;
}
}
public bool DownloadFile(string strFile)
{
try
{
string strDownloadURL=
System.Configuration.ConfigurationSettings.AppSettings[
"DownloadURL"];
string strUser=
System.Configuration.ConfigurationSettings.AppSettings[
"BasicAuthenticationUser"];
string strPWD=
System.Configuration.ConfigurationSettings.AppSettings[
"BasicAuthenticationPWD"];
string strURL=strDownloadURL + "\\\" + strFile;
WebClient req=new WebClient();
CredentialCache mycache=new CredentialCache();
mycache.Add(new Uri(strURL),"Basic",
new NetworkCredential(strUser,strPWD));
req.Credentials=mycache;
HttpResponse response = HttpContext.Current.Response;
response.Clear();
response.ClearContent();
response.ClearHeaders();
response.Buffer= true;
response.AddHeader("Content-Disposition",
"attachment;filename=\"" + strFile + "\"");
byte[] data=req.DownloadData(strURL);
response.BinaryWrite(data);
response.End();
return true;
}
catch(Exception ex)
{
if(ex.Message=="The remote server " +
"returned an error: (404) Not Found.")
throw new Exception("File not found");
else if(ex.Message=="The remote server" +
" returned an error: (401) Unauthorized.")
throw new Exception("Unauthorized access");
return false;
}
}
}
}
1)启动IIS.
2)创建一个新的名字为Security的虚拟目录.
如图设置:
代码
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Net;
using System.IO;
namespace security
{
/// <SUMMARY>
/// </SUMMARY>
public class SecureFile
{
public SecureFile()
{
}
public bool UploadFile(HtmlInputFile inputfile)
{
try
{
string fileName = "";
string DirPath = "";
if(( inputfile.PostedFile != null ) &&
( inputfile.PostedFile.ContentLength > 0 ))
{
DirPath=HttpContext.Current.Server.MapPath(
System.Configuration.ConfigurationSettings.AppSettings[
"UploadPath"]);
fileName = System.IO.Path.GetFileName(
inputfile.PostedFile.FileName );
inputfile.PostedFile.SaveAs( DirPath + "\\\" + fileName );
}
return true;
}
catch
{
return false;
}
}
public bool DownloadFile(string strFile)
{
try
{
string strDownloadURL=
System.Configuration.ConfigurationSettings.AppSettings[
"DownloadURL"];
string strUser=
System.Configuration.ConfigurationSettings.AppSettings[
"BasicAuthenticationUser"];
string strPWD=
System.Configuration.ConfigurationSettings.AppSettings[
"BasicAuthenticationPWD"];
string strURL=strDownloadURL + "\\\" + strFile;
WebClient req=new WebClient();
CredentialCache mycache=new CredentialCache();
mycache.Add(new Uri(strURL),"Basic",
new NetworkCredential(strUser,strPWD));
req.Credentials=mycache;
HttpResponse response = HttpContext.Current.Response;
response.Clear();
response.ClearContent();
response.ClearHeaders();
response.Buffer= true;
response.AddHeader("Content-Disposition",
"attachment;filename=\"" + strFile + "\"");
byte[] data=req.DownloadData(strURL);
response.BinaryWrite(data);
response.End();
return true;
}
catch(Exception ex)
{
if(ex.Message=="The remote server " +
"returned an error: (404) Not Found.")
throw new Exception("File not found");
else if(ex.Message=="The remote server" +
" returned an error: (401) Unauthorized.")
throw new Exception("Unauthorized access");
return false;
}
}
}
}
相关文章推荐
- [原创]java WEB学习笔记72:Struts2 学习之路-- 文件的上传下载,及上传下载相关问题
- 当前安全设置不允许下载该文件的原因以及图文解决办法
- 利用Servlet实现文件安全下载
- server 2003 访问FTP站点下载文件,提示当前的安全设置不允许从该位置下载文件
- 如何下载被标记为不安全的文件?
- (原创)浅谈任意文件下载漏洞的利用
- 访问FTP站点下载文件,提示“当前的安全设置不允许从该位置下载文件”
- 实例介绍文件下载,注册表操作等基本技巧!(原创)
- 为了帮助保护安全,Internet Explorer 已阻止从此站点将文件下载到计算机。单击此处查看更多选项。
- PHP实现文件安全下载的程序
- 下面的类是文件下载类,支持文件的多线程断点续传,使用该类的即可安全、高效的下载任何类型的二进制文件:
- 当前安全设置不允许下载该文件 完美解决方案
- [原创]让您的服务器不再有被挂马的烦恼---文件安全卫士
- [原创]smbclient局域网批理下载文件
- 实现php文件安全下载
- 当前的安全设置不允许从该位置下载文件。 的解决办法
- 利用Servlet实现文件安全下载
- Win8中标记为不安全的文件如何强制下载
- PHP 安全下载文件
- WEB安全基础-文件下载漏洞以及文件包含漏洞演示