how to restrict a file from being download

Question

1.00/5 (1 vote)

See more:

I have devloped a website and deploy it on IIS, then i have a create a window based application and trying to download some files from my deployed application. with the help of WebClient.dowonloadFile(http://192.168.1.1/test/default.aspx) and i can donwload that file.

So it is clear that my website is not secure, How to restrict files from being download. and if i want to download file then without help of credential it gives me error

how to accomplish my task.

Thanks in advnace

Posted 9-Jul-12 18:59pm

koolprasad2003

Add a Solution

Comments

Sergey Alexandrovich Kryukov 10-Jul-12 1:37am

Why do you consider downloading as "not secure"? How do you want to restrict downloads? And how come it can be a problem? You fully control how to respond to HTTP request...
--SA

Sergey Alexandrovich Kryukov 10-Jul-12 1:40am

And, if you deploy it "on ISS" and this HTTP server is on some remote host, you cannot access it through Internet if its address is http://192.168.1.1. It could only be a local network address. Did you know that?
--SA

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Sergey Alexandrovich Kryukov · Answer 1 · 2012-07-09T19:45:00

You did not explain how would you want to restrict the download, but most likely you would allow some downloads only for authenticated users. To learn about it, read this:
http://msdn.microsoft.com/en-us/library/eeyk640h.aspx[^].

Based on authentication, not only you can control the download, you can even restrict rendering the page from which one could download a file. Now, what about downloading itself?

With download, the simplest form is as simple as this:

HTML

<a href="myFile.zip">Download myFile.zip</a>

This is something you cannot "restrict". So, to provide restrictions, you need to use more complicated approach.

You can have some control to post a request for the file, for example, a button on a button click. The server part should generate HTTP response with the file. Note, that you don't even need a file in the file system on the server's host. The file is generated on the fly anyway. The correct "downloading" behavior of the client is directed by appropriate HTTP headers, in this case, this is "content-disposition". This is shown in the code sample of the answer to this question:
http://stackoverflow.com/questions/2009057/download-file-from-server-asp-net[^].

Note, that this code sample also demonstrates some rudimentary restriction, by the requested file "extension". (See the string "File extension is not allowed" in the sample code.) Again, as this is your code, you impose the restrictions you want; this sample is enough for you to get the idea.

—SA