将ImageResizer Web.config配置为仅在某些目录上工作 [英] Configuring ImageResizer Web.config To Only Work On Certain Directories
问题描述
产品使用:来自 http://imageresising.net 的ImageResizer.dll
Product Using: ImageResizer.dll from http://imageresizing.net
我有一个客户的网站,我使用这个产品为他们的在线购物车动态调整图像大小。产品工作伟大!我最近添加了一个自定义HTTPHandler( MyCustomSecurityHandler )来控制对特定目录中需要保护的图片的访问。 MyCustomSecurityHandler的代码工作正常,只要我不尝试使用ImageStizer识别的QueryString参数width或height访问图像。如果没有使用QueryString参数,ImageResizer忽略请求,我的自定义HTTPHandler会选择请求并完全处理安全。
I have a website for a client that I use this product to dynamically resize images for their online shopping cart. The product works great! I have recently added a Custom HTTPHandler (MyCustomSecurityHandler) to control access to the images in particular directory that need to be secured. The code for MyCustomSecurityHandler works fine as long as I don't try to access the image using the QueryString parameters "width" or "height" that are recognized by ImageResizer. If no QueryString parameters are used, ImageResizer ignores the request and my Custom HTTPHandler picks up the request and handles the security perfectly.
问题:用户使用ImageResizer.dll可识别的属性在图像的直接路径中键入,我的自定义处理程序将被忽略,并显示图像。
Problem: If the user types in the direct path to the image with the attributes that the ImageResizer.dll recognizes, my custom handler is ignored and the image is displayed.
目标:
1)无论提供了任何查询字符串参数,路径匹配时,我的客户图像处理程序都将触发。 (如果我删除ImageResizer.dll的web.config条目,这将工作)
1) Have my customer image handler fire when the path matches regardless of any querystring parameters provided. (this works if i remove the web.config entries for the ImageResizer.dll)
2)让imageresizer.dll识别QueryString参数,并且只有当图像从以下文件夹或子文件夹:{SITEROOT} / images / products /
2) Have the imageresizer.dll recognize the QueryString parameters and process only if the images is from the following folder or sub folders: {SITEROOT}/images/products/
问题:任何人都有使用此imageresizer.dll产品的经验,
Question: Does anyone have experience using this imageresizer.dll product and can you guide me on how to configure it to reach my desired goals?
我已修改以下配置文件,以显示相关条目我正在使用的是什么。
{MY SECURE DIRECTORY}
实际路径的占位符值在我的网站上
Place holder value for the actual path on my site
WebProjectAssembly.HTTPHandlers.MyCustomSecurityHandler
WebProjectAssembly.HTTPHandlers.MyCustomSecurityHandler
我的自定义HTTPHandler类
My custom HTTPHandler class
我的Web.Config文件:
<?xml version="1.0"?>
<configuration>
<configSections>
<section name="resizer" type="ImageResizer.ResizerSection,ImageResizer" requirePermission="false" />
</configSections>
<resizer>
<!-- Unless you (a) use Integrated mode, or (b) map all requests to ASP.NET,
you'll need to add .ashx to your image URLs: image.jpg.ashx?width=200&height=20 -->
<pipeline fakeExtensions=".ashx" defaultCommands="autorotate.default=true"/>
<plugins>
<add name="DiskCache" />
<!-- <add name="PrettyGifs" /> -->
<!-- <add name="SimpleFilters" /> -->
<!-- <add name="S3Reader" /> -->
</plugins>
</resizer>
<system.web>
<httpModules>
<!--This is for IIS7/8 Classic Mode and Cassini-->
<add name="ImageResizingModule" type="ImageResizer.InterceptModule" />
</httpModules>
<httpHandlers>
<add verb="*" path="/{MY SECURE DIRECTORY}/*.jpg" type="WebProjectAssembly.HTTPHandlers.MyCustomSecurityHandler" />
</httpHandlers>
<httpRuntime targetFramework="4.5" />
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add verb="*" path="/{MY SECURE DIRECTORY}/*.jpg" name="MyCustomHandler" type="WebProjectAssembly.HTTPHandlers.MyCustomSecurityHandler" />
</handlers>
<modules>
<!--This is for IIS7/8 Integrated mode-->
<add name="ImageResizingModule" type="ImageResizer.InterceptModule" />
</modules>
</system.webServer>
</configuration>
推荐答案
IIS / ASP.NET不允许根据目录启用或禁用模块,除非它们是单独的应用程序。
IIS/ASP.NET do not let you enable or disable modules based on directory, unless they are separate applications.
但是,根据您的任务(控制映像访问),您只需使用ImageResizer v4的 AuthorizeImage c $ c> authorizeAllImages =true。这将触发所有请求,并让您实现您的目标。
However, given your task (control image access), you could just use ImageResizer v4's AuthorizeImage event with authorizeAllImages="true". That will fire on all requests, and let you meet your goals.
这篇关于将ImageResizer Web.config配置为仅在某些目录上工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
