. NET effectively prevents leeching of resources

<? Xml version = "1.0"?>
<! --
Note: In addition to manually editing this file, you can also use
Web management tools to configure application settings. You can use
"Website"-> "Asp. Net configuration" option.
The complete list of settings and comments is displayed in
In machine. config. comments, this file is usually located in
In WindowsMicrosoft. NetFrameworkv2.xConfig
-->

Example

The following sample code demonstrates how to prevent a file from being downloaded without a domain name from a http://www.zhutiai.com.

Public class DownHandler: IHttpHandler
{
Public bool IsReusable
{
Get {return true ;}
}

Public void ProcessRequest (HttpContext context)
{
String server = string. Empty;
// Obtain the name of the external host (domain name)
If (context. Request. UrlReferrer! = Null) {server = context. Request. UrlReferrer. Host ;}
String domain = System. Configuration. ConfigurationManager. receivettings ["domain"]. ToString ();
FileInfo fileInfo = new FileInfo (context. Request. PhysicalPath); // obtain the actual physical path of the Access File
If (server = domain) // compare whether the domain name is allowed
{
Debug. WriteLine (fileInfo. Extension );
Down (context. Request. Path );
}
Else
{
Context. response. write (string. format ("<script type = 'text/Webpage special effect '> alert ('agile college-technical resource library reminder: {0} leeching download is not allowed! Go to http://dev.mjxy.cn to search for the files you want! '); Window. location = 'HTTP: // dev.mjxy.cn/search.asptutorial X? Q = {1} '; </script> ", server, fileInfo. Name ));
Context. Response. End ();
}
}

// Stream download
Public void down (string cc)
{
If (cc! = "")
{
String path = System. Web. HttpContext. Current. Server. MapPath (cc );
System. IO. FileInfo file = new System. IO. FileInfo (path );
If (file. Exists)
{
System. Web. HttpContext. Current. Response. Clear ();
// Specify the name of the downloaded object
System. web. httpContext. current. response. addHeader ("Content-Disposition", "attachment; filename =" + HttpUtility. urlEncode (file. name, Encoding. UTF8 ). replace ("+", "% 20 "));
// File Size
System. Web. HttpContext. Current. Response. AddHeader ("Content-Length", file. Length. ToString ());
// Common format
System. Web. HttpContext. Current. Response. ContentType = "application/octet-stream ";
System. Web. HttpContext. Current. Response. ContentEncoding = Encoding. UTF8;
System. Web. HttpContext. Current. Response. Filter. Close ();
System. Web. HttpContext. Current. Response. WriteFile (file. FullName );
System. Web. HttpContext. Current. Response. End ();
}
Else
{
System. Web. HttpContext. Current. Response. Write ("file does not exist ");
System. Web. HttpContext. Current. Response. End ();
}
}
}
}

Context. Request. UrlReferrer is used to obtain information about the URL of the client's last Request, which is linked to the current URL.
Context. Request. UrlReferrer. Host here is the name of the Host (the domain name accessed by the client.
HttpUtility. UrlEncode (file. Name, Encoding. UTF8). Replace ("+", "% 20") is the Name Encoding of the downloaded file. After UrlEncode encoding, the space in the file name will be converted to + (+ to % 2b), but the browser cannot understand the plus sign as a space, so the file downloaded from the browser, the space is changed to the plus sign. After UrlEncode, replace "+" with "% 20" because the browser converts % 20 to a space.
For the host that allows file download, we configure in web. config:

<Deleetask>
<! -- Domain name that can be downloaded -->
<Add key = "domain" value = "dev.mjxy.cn"/>
</AppSettings>
 

Register an HTTP handler
Modify the web. config configuration file
IIS6

<HttpHandlers>
<! -- Anti-leech download -->
<Add verb = "*" path = "/uploadfiles/files/*. *" validate = "false" type = "KnownWebHandler. DownHandler, KnownWebHandler"/>
</HttpHandlers>

IIS7

<System. webServer>
<Handlers>
<! -- Anti-leech download -->
<Add name = "download" verb = "*" path = "/uploadfiles/files/*. *" type = "KnownWebHandler. DownHandler, KnownWebHandler"/>
</Handlers>
</System. webServer>
 

Path = "/uploadfiles/files/*. *" indicates that only all files in the directory are processed by the KnownWebHandler HTTP handler.

By setting the domain name in web. config, you can control which domain names are allowed, and set whether to download directly or allow leeching.

Download http://down.bKjia. c0m/mbs/2011/08/13/link.rar