473,394 Members | 1,785 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > file permission

Join Bytes to post your question to a community of 473,394 software developers and data experts.

file permission

Hello

I develop a web application with form authentication by C#.NET. Authorized users can upload/download files to/from the web server. But I meet a problem: any user can download any file on the web server once they know the file's URL. Do you know how to prevent this?

Thanks in advance.
Nov 18 '05 #1
1 1098
You need to put the files in a private folder (or a database), and then have
an asp.net page return the file.

Here's a couple of articles that shows how to do that:
http://www.123aspx.com/redir.aspx?res=30958
http://www.aspfree.com/c/a/ASP.NET-C...C-by-MVadivel/

That would make your url's look something like this:
fake://mydomain.com/GetDoc.aspx?name=document.doc

If you want more pleasing URL's, then you can combine this with URL
rewriting.

This is one of the most useful rewriting articles I've found. (But there are
several out there, search for: url rewriting httpmodule
http://www.codeproject.com/aspnet/urlrewriter.asp

You wouldn't need all the regular expressions code, instead just check if
the url is something like:
/uploads
and then simply rewrite the url to be
http://mydomain.com/GetDoc.aspx?url=(oldurl)
--
Mike Mayer, C# MVP
mi**@mag37.com
http://www.mag37.com/csharp/

"Simon Chuang" <an*******@discussions.microsoft.com> wrote in message
news:87**********************************@microsof t.com...
Hello,

I develop a web application with form authentication by C#.NET. Authorized users can upload/download files to/from the web server. But I meet a
problem: any user can download any file on the web server once they know the
file's URL. Do you know how to prevent this?
Thanks in advance.

Nov 18 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

18
how can i check if a file is completely uploaded...???
by: Dino | last post by:
dear all, i've created an application for a customer where the customer can upload ..csv-files into a specified ftp-directory. on the server, a php-script, triggered by a cronjob, reads all the...
PHP
2
Unable to write a file in a directory that my PHP script creates
by: ykgoh | last post by:
Hi. I've a problem of being able to create and remove a directory but unable to write a file inside the created directory for some strange reason. I suspect that this problem could be vaguely...
PHP
3
Access to the path is denied - trying to write a file
by: David Thielen | last post by:
Hi; I created a virtual directory in IIS 6.0 and my asp.net app runs fine. But when it tries to write a file I get: Access to the path is denied. - C:\Inetpub\wwwroot\RunReportASP\images ...
ASP.NET
15
Creating a file that can be seen in the browser
by: David Thielen | last post by:
Hi; My ASP.NET app (C# calling J# under .net 2.0) creates a png file in a subdirectory to display as part of the created page. However, the bitmap will not display due to a security violation. ...
ASP.NET
10
setting file permissions on a web server
by: John Salerno | last post by:
I always read about how you need to set certain file permissions (for cgi files, for example), but it's never been clear to me *how* you do this. I know you can run the line chmod 755...
Python
0
Read from xml file stored in a SQL database table’s field.
by: dphill | last post by:
Hello all I am a beginner .Net programmer so please forgive my ignorance. In brief, I am trying to read from xml file stored in a SQL database table’s field. This is what I used to create...
.NET Framework
1
Permission denied when creating a file in PHP
by: doctorhardik | last post by:
other interesting thing i observe during my work which i describe below: i am using dotproject2.0.4 on fc3. it is working fine. but i want to generate pdf file report during this time i face...
PHP
3
Caught Exception: System.Configuration.ConfigurationErrorsException: An error occurred loading a configuration file: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicK
by: Mike | last post by:
Hi I have problem as folow: Caught Exception: System.Configuration.ConfigurationErrorsException: An error occurred loading a configuration file: Request for the permission of type...
ASP.NET
1
Web-based file upload -- who grants/denies permissions to whom?
by: lPrentice | last post by:
Hello, After all this time, Linux file permissions still confuse me at times. I have a Python web-based application with an file (images) upload module. The application is running on two remote...
Python
3
Help Reading A XML File In VB.NET
by: vb2008 | last post by:
So I am trying to figure out a new part now but I am getting stuck once again and yes I have been reading up on things and I think I know what my problem is I am just not sure how to fix it. Below is...
.NET Framework
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!