473,395 Members | 1,629 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > firefox bypass form authorization for doc/pdf files?

Join Bytes to post your question to a community of 473,395 software developers and data experts.

Firefox bypass form authorization for doc/pdf files?

I have create a Asp.net 2.0 application empsite with form authorization.

And I have create an entry in IIS application mapping:
..doc =C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\asp net_isapi.dll

I tried http://localhost/empsite/Documents/BenefitsSummary.doc on IE and it
will be redirected to login page.

However, it does't redirect to login page and the url can download the file
directly.

Did I missed any setting?
Jul 3 '06 #1
1 1269
I have create a Asp.net 2.0 application empsite with form authorization.
>
And I have create an entry in IIS application mapping:
.doc =C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\asp net_isapi.dll

I tried http://localhost/empsite/Documents/BenefitsSummary.doc on IE and it
will be redirected to login page.

However, it does't redirect to login page and the url can download the file
directly.

Did I missed any setting?
Don't know why IIS handles FF-requests differently from IE-requests.

A different approach would be not to use direct links to your
docs/pdfs, but to use something like
download.aspx?file=BenefitsSummary.doc

This download.aspx could perform extra security checks. If everything
is OK, then it can do a Response.WriteFile() to upload the file (which
is stored in a directory outside of the website, so no direct requests
are possible) to the requesting browser.
Note: you don't want any html in the "aspx" part.

Hans Kesting
Jul 4 '06 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

11
Login security for a form
by: David W. Simmonds | last post by:
I have a form that will prompt for a user name/password. In VS.NET, I have the protected form in a folder named Admin. I have a Web.config file in that folder as well. It contains the following...
ASP.NET
4
Form authentication for subfolders only
by: Maziar Aflatoun | last post by:
Hi, I'm trying to protect one of my subfolders from Web.config file in my root folder. Here is my directory structure / // My shopping cart /admin // Shopping cart...
ASP.NET
3
Form authorization problem
by: nick | last post by:
Hi, How should I write the web.config file to allow some of the aspx files be executable to all users and others are required users to login? All the aspx files are in the same folder.
ASP.NET
2
Exclude from Form Authentication
by: Islam Elkhayat | last post by:
How can i exclude some files from the Form Authentication.. my welcome page and even custom error pages (404) is not working before authenticate. need help
ASP.NET
13
Resource protected by Form based aythetication
by: david | last post by:
I can not figure out what is the problem that I can protect ASP.NEt form resource but not some other type of files, for example, images. All my aspx forms located in Demo folder and image files...
ASP.NET
1
authorization problem
by: sonu | last post by:
Mark is creating a website using ASP.NET. He is using Forms authentication for authenticating and authorizing users. He has the following layout of files and directories in his website: Root...
C# / C Sharp
2
Form authentication and html files
by: nick | last post by:
I have an Asp.Net 2.0 application using form authentication. I want the html pages be protected by the authentication system too. The accessing of html files need to be authenticated in my local...
ASP.NET
5
tjc0ol
Adding javascript to select element won't work on Firefox browser.
by: tjc0ol | last post by:
Hi all, I made contact page which allows visitors to input their name, email address, phone number, comments and select a comment type by using <select> element in html with javascript. Among the...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!