c# - Denying file extensions in IIS -

-

in iis noticed can deny access file extension on server. example, deny access .jpg images. browser won't b e able display .jpg images on site.

i wondering, iis allow deny access file extensions - or filenames- being accessed directly (by typing full url address bar), while still serving them browser if being requested document?

you can't really prevent doing this; determined person can download webpage can download. however, can make more difficult less technically literate checking http referrer in request. if it's url of 1 of webpages, can allow request. otherwise, can deny it. technique used prevent deep linking quite often.

here's sample (untested) of how can .net http module:

public class imagedenyingmodule : ihttpmodule {     public void init(httpapplication app)     {         app.beginrequest += (s, e) => {             var request = app.context.request;             if (requirespagereferrer(request.url) && !isvalidreferer(request.urlreferrer)) {                 app.context.response.statuscode = 404;                 app.context.response.end(); // or something...             }         };     }      private bool requirespagereferrer(string url) {     }      private bool isvalidreferrer(string referrer) {     } }

Comments

Post a Comment

Popular posts from this blog

c++ - How to add Crypto++ library to Qt project -

-
Image
i downloaded crypto++ source , compiled cryptlib project in visual studio 2013, , added generated .lib file qt project, made .pro file this: qt += core gui qt += sql greaterthan(qt_major_version, 4):qt += widgets target = untitled template = app sources += main.cpp\ mainwindow.cpp headers += mainwindow.h \ databasecontrol.h \ test.h forms += mainwindow.ui win32:config(release, debug|release): libs += -l$$pwd/ -lcryptlib else:win32:config(debug, debug|release): libs += -l$$pwd/ -lcryptlibd else:unix: libs += -l$$pwd/ -lcryptlib includepath += $$pwd/ dependpath += $$pwd/ win32-g++:config(release, debug|release): pre_targetdeps += $$pwd/libcryptlib.a else:win32-g++:config(debug, debug|release): pre_targetdeps += $$pwd/libcryptlibd.a else:win32:!win32-g++:config(release, debug|release): pre_targetdeps += $$pwd/cryptlib.lib else:win32:!win32-g++:config(debug, debug|release): pre_targetdeps += $$pwd/cryptlibd.lib else:unix: pre_targetdeps += $$pw...
Read more

jQuery Mobile app not scrolling in Firefox -

-
i have mobile app built in jquery mobile. scrolling fine in chrome & safari, fails scroll in firefox on desktop. have other instances of same app, different features, , works across browsers. life of me, cannot figure this, please help! located here: http://re-brand.us/dsus/index.html seems bug in firefox: bug log . able scroll using keyboard not trackpad on mac. are using mac? i'll keep looking see if can find way around it.
Read more

how to receive file in java(servlet/jsp) -

-
hi making communication protocol. on web server send 1 file curl(in c# post http request). task been done. how should receive file java on web server gone through this article . file downloading. want receive file java. this link may .. have provide multiprt form data .. http://www.journaldev.com/2122/servlet-3-file-upload-using-multipartconfig-annotation-and-part-interface
Read more