访问App虚拟目录之外的文件 [英] access files outside of App virtual directory

问题描述

Hi,

MVC 4 C# app, I need to allow users to access files from folders that are out the virtual directory, files are created by another app every month.

1. I do not want user see physical path of files like

<a href="C:\temp\7204\bike racks.txt" target="_blank">file1</a>


Could you help to set up access to physical path as virtual path?

推荐答案

从技术上讲，你可以用 file：// 协议来做到这一点，但有一个条件：这个url将指向一个本地资源 - 客户端可见的资源。有时您可能需要这样做，例如在企业环境中。但总的来说，当你对客户端一无所知时，这将是无稽之谈。



所以让我们想象第二种情况。比你probaly有一个网络服务。让我们解释您的问题，就像您希望此URL指向服务器资源一样。此时有 C：\ 等等没有任何意义。你的网址需要是一个合适的绝对或相对网址。



正如你提到的MVC，创建一个像 GetServerResource 接受文件路径作为参数，并返回带有适当内容的 FileResult 。



但请记住：只提供精确控制的内容。应用白名单或其他方法。否则任何人都可以从服务器获取每个文件。



另请阅读本文： http://technet.weblineindia.com/web/securely-serve-file-in-asp-dot-net-mvc/ 2 / [ ^ ]

Technically you can do that with file:// protocol, but with one condition: this url will point to a local resource - with othe words a resource visible from client side. Sometimes you might need to do that, for example in an enterprise environment. But in general, when you don't know anything about the client, this would be nonsense.

So let's imagine this second scenario. Than you probaly have a web serves. And let's interprete your question as if you would like this url to point to a server resource. At this point having C:\ and so on makes no sense. Your url needs to be a proper absolute or relative url.

As you mentioned MVC, create a controller like GetServerResource that accepts file path as parameter and returns FileResult with the proper content.

But keep following good in mind: deliver only preciselly controlled content. Apply whitelists or other methods. Otherwise anybody could get every file from the server.

Read also this one: http://technet.weblineindia.com/web/securely-serve-file-in-asp-dot-net-mvc/2/[^]

这篇关于访问App虚拟目录之外的文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！