限制从URL文件访问 [英] Restrict File Access From URL

问题描述

我在ASP.NET开发的网站是hosted.Now在我的网站有被称为上传文件夹中，一些.rar文件保存为私人使用。当我直接键入URL，文件获取下载。
说假设该文件是在http://www.mathew.com/uploads/mine.rar\",if我在浏览器中键入URL，然后回车，它会下载即使目录列表是不存在的文件。

I have a site developed in ASP.NET which is hosted.Now in my site there is folder known as "upload" in which some .rar files are saved for private use.When I directly type the url, the file gets downloaded. Say suppose the file is at "http://www.mathew.com/uploads/mine.rar",if i type the url in the browser and hit enter,it downloads the file even though directory listing is not there.

我想限制this..How我能实现它。
谢谢，
马修

I want to restrict this..How can I achieve it. Thanks, Mathew

推荐答案

您可以通过授权限制。把的web.config 文件这个文件夹中有：

You can restrict that by authorization. Put a web.config file in this folder with:

<configuration>
    <system.web>
        <authorization>
            <deny users="*"/>
        </authorization>
    </system.web>
</configuration>

编辑：

这是行不通的，因为RAR文件不是由asp.net处理，所以除了你需要添加一个处理程序asp.net治疗RAR文件像ASPX文件：

This won't work since rar files are not handled by asp.net, so in addition you need to add a handler for asp.net treat rar files like aspx files:

有关经典模式：

<system.web>
  <httpHandlers>
    <add verb="*" path="*.rar" type="System.Web.UI.PageHandlerFactory" />
  </httpHandlers>
</system.web>

有关集成模式（默认为 IIS 7.5 和 VS房价）

For integrated mode (default for iis 7.5 and VS 2012)

<system.webServer>
  <handlers>
    <add name="rar" path="*.rar" verb="*" type="System.Web.UI.PageHandlerFactory"/>
  </handlers>
</system.webServer>

这篇关于限制从URL文件访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！