限制从URL文件访问 [英] Restrict File Access From URL
问题描述
我在ASP.NET开发的网站是hosted.Now在我的网站有被称为上传文件夹中,一些.rar文件保存为私人使用。当我直接键入URL,文件获取下载。
说假设该文件是在http://www.mathew.com/uploads/mine.rar\",if我在浏览器中键入URL,然后回车,它会下载即使目录列表是不存在的文件。
I have a site developed in ASP.NET which is hosted.Now in my site there is folder known as "upload" in which some .rar files are saved for private use.When I directly type the url, the file gets downloaded. Say suppose the file is at "http://www.mathew.com/uploads/mine.rar",if i type the url in the browser and hit enter,it downloads the file even though directory listing is not there.
我想限制this..How我能实现它。
谢谢,
马修
I want to restrict this..How can I achieve it. Thanks, Mathew
推荐答案
您可以通过授权限制。把的web.config
文件这个文件夹中有:
You can restrict that by authorization. Put a web.config
file in this folder with:
<configuration>
<system.web>
<authorization>
<deny users="*"/>
</authorization>
</system.web>
</configuration>
编辑:
这是行不通的,因为RAR文件不是由asp.net处理,所以除了你需要添加一个处理程序asp.net治疗RAR文件像ASPX文件:
This won't work since rar files are not handled by asp.net, so in addition you need to add a handler for asp.net treat rar files like aspx files:
有关经典模式:
<system.web>
<httpHandlers>
<add verb="*" path="*.rar" type="System.Web.UI.PageHandlerFactory" />
</httpHandlers>
</system.web>
有关集成模式(默认为 IIS 7.5
和 VS房价
)
For integrated mode (default for iis 7.5
and VS 2012
)
<system.webServer>
<handlers>
<add name="rar" path="*.rar" verb="*" type="System.Web.UI.PageHandlerFactory"/>
</handlers>
</system.webServer>
这篇关于限制从URL文件访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!