Powered by Blogger.

Saturday, March 1, 2014

Preventing Files from Being Downloaded in Asp.Net

HttpForbiddenHandler class is used to prevent certain file types from being downloaded over the Web. This class is used internally by ASP.NET to prevent the download of certain system level files.

Also you can check out:

- How to open hyperlink in new tab using jQuery or JavaScript?

- Properties in C#.Net

- Left outer join and Right outer join in SQL Server

To use the HttpForbiddenHandler to prevent a particular file type from being downloaded,refer below.

Create an application mapping in IIS for the specified file type to map it to Aspnet_isapi.dll.

a. On the taskbar, click the Start button, click Programs, click Administrative Tools, and then select Internet Information Services.

b. Select your application’s virtual directory, right-click, and then click Proper- ties.

c. Select Application Settings, click Configuration..

d. Click Add to create a new application mapping.

e. Click Browse, and select c:\winnt\Microsoft.NET\Framework\v1.0.3705\aspnet_isapi.dll.

f. Enter the file extension for the file type you want to prevent being down- loaded (for example, .xyz) in the Extension field.

g. Ensure All Verbs and Script engine is selected and Check that file exists is not selected.

h. Click OK to close the Add/Edit Application Extension Mapping dialog box.

i. Click OK to close the Application Configuration dialog box, and then click OK again to close the Properties dialog box.

Add an <HttpHandler> mapping in Web.config for the specified file type.
An example for the .xyz file type is shown below.

<add verb="*" path="*.xyz" type="System.Web.HttpForbiddenHandler"/>