How ASPs prevent hotlinking or prevent downloads

When we manage Web site files, we can put the same file name extension under the same directory, a more special names, such as the PDF file directory for the_pdf_file_s, save the following code as down.asp, his online path is http://www.xx.com/ Down.asp, we can use http://www.xx.com/down.asp? Filename=51windows.pdf to download this file, and the download can not see the actual download path of this file! In down.asp we can also set whether the download file need to log in, to determine whether the source page of the download is an external site, so you can prevent files from being hotlinking.

Sample code:

The following are the referenced contents: <% From_url = Cstr (Request.ServerVariables ("Http_referer")) Serv_url = Cstr (Request.ServerVariables ("SERVER_NAME")) If Mid (From_url,8,len (serv_url)) <> Serv_url Then Response.Write "Illegal link! "' Prevent hotlinking Response.End End If If Request.Cookies ("logined") = "" Then Response.Redirect "/login.asp" needs landing! End If Function GetFileName (longname) '/folder1/folder2/file.asp=>file.asp While InStr (LongName, "/") LongName = Right (Longname,len (longname)-1) Wend GetFileName = longname End Function Dim Stream Dim Contents Dim FileName Dim Truefilename Dim Fileext Const adTypeBinary = 1 filename = request.querystring ("filename") If FileName = "" Then Response.Write "Invalid filename! " Response.End End If Fileext = Mid (filename, InStrRev (filename, ".") + 1) Select case UCase (Fileext) Case "ASP", "ASA", "ASPX", "ASAX", "MDB" Response.Write "Illegal Operation! " Response.End End Select Response.Clear If LCase (filename,3) = "gif" or LCase (right (filename,3) = "jpg" or LCase (right (filename,3)) = "png" Then Response.ContentType = "image/*" does not appear on the image File Download dialog box Else Response.ContentType = "Application/ms-download" End If Response.AddHeader "Content-disposition", "attachment"; Filename= "& GetFileName (Request.QueryString (" FileName ")) Set Stream = server. CreateObject ("ADODB.") Stream ") Stream.type = adTypeBinary Stream.open If LCase (right (filename,3) = "PDF" then "set PDF type file directory Truefilename = "/the_pdf_file_s/" &filename End If If LCase (right (filename,3) = "Doc" then "Set Doc type file directory Truefilename = "/my_d_o_c_file/" &filename End If If LCase (filename,3) = "gif" or LCase (right (filename,3) = "jpg" or LCase (right (filename,3)) = "png" Then Truefilename = "/all_images_/" &filename set image file directory End If Stream.loadfromfile Server.MapPath (Truefilename) While not Stream.eos Response.BinaryWrite Stream.read (1024 * 64) Wend Stream.Close Set Stream = Nothing Response.Flush Response.End %>

Local pictures, music and other ASP anti-theft chain code (ASP)

The following are the referenced contents: <% ' Define function, read binary data with ADODB.stream Function Readbinaryfile (FileName) Const adTypeBinary = 1 Dim Binarystream Set Binarystream = CreateObject ("ADODB. Stream ") Binarystream.type = adTypeBinary Binarystream.open Binarystream.loadfromfile FileName Readbinaryfile = Binarystream.read End Function Response.AddHeader "Content-disposition", "attachment;filename=2.gif" ' filename Response.ContentType = "Image/gif" setting (1) Response. BinaryWrite Readbinaryfile (Server.MapPath ("2.gif")) ' is that you read the presence of local files to prevent being Others know that the real path is stolen. %>