Realization of anti-theft chain function based on urlrewrite in asp.net

  This article mainly introduces how to implement the Anti-Theft chain based on Urlrewrite in ASP.net, and the friends who need it can refer to the following

The fastest way to implement Urlrewrite in asp.net this article said how to do urlrewrite, it is just a simple application     In fact, using the Urlrewrite and IIS settings we can achieve a simple and effective anti-theft chain function.     Let's say your site has a file: Web.rar, you want to have some specific domain name of the source address or have logged in to access the user, then have to use anti-theft chain function, in the ASP era, we need to use third-party components to achieve this effect, but in asp.net we can directly use Context.rewri Tepath to realize it.     Download configuration file:    code as follows: <?xml version= "1.0" encoding= "Utf-8"?>  <DownLoad>  < checktype>1</checktype>  <CookiesName>username</CookiesName>  <UrlPattern>   <! [cdata[//(. +?) /.rar/b]]>  </UrlPattern>  <UrlReplace>  <! [cdata[default.aspx?d=$1.rar]]>  </UrlReplace>  <AllowHost>  <! [cdata[127.0.0.1]]>  </AllowHost>  </DownLoad>    notes:    Checktype: Type of Authentication required (1: Only verify valid domain name, 2: Only verify that there are cookies,3: simultaneously verify domain name and cookies)   Cookiesname: The cookie name to be verified may be null.   Urlpattern: URL format requested.   urlreplace: The URL format to turn when the download is invalid.   Allowhost: Allowed source domain name. Configuration in     global.aspx:    Code is as follows: void Application_BeginRequest (object sender, EventArgs e)   {  bool Isallowdomain = FALSE;&N Bsp BOOL IsLogin = false;  String cookiesname = "UserName", Allowhost, referrerhost= "";  int checktype = 1;  bo Ol Allowdown = false;  string[] allowhostarr;  string urlpattern = "", Urlreplace = ";  string[] pattern, replace;  string configfile = configurationmanager.appsettings["Downloadconfig"];  if (ConfigFile!= "")   {  try  {  System.Xml.XmlDataDocument xdconfig = new System.Xml.XmlDataDocument ();  Xdconfig.load (AppDomain.CurrentDomain.BaseDirectory + @ "/" + configfile);  if (Xdconfig.selectsinglenode (" Download/checktype "). InnerText!= "")   {  checktype = Int. Parse (Xdconfig.selectsinglenode ("Download/checktype"). innertext); }  if (Xdconfig.selectsinglenode ("Download/cookiesname"). InnerText!= "")   {  cookiesname = Xdconfig.selectsinglenode ("Download/cookiesname"). innertext; }  allowhost = Xdconfig.selectsinglenode ("Download/allowhost"). innertext;  Allowhostarr = allowhost.split (' | ');   Urlpattern = Xdconfig.selectsinglenode ("Download/urlpattern"). innertext;  urlreplace = Xdconfig.selectsinglenode ("Download/urlreplace"). innertext;  pattern = urlpattern.split (' @ ');  replace = Urlreplace.split (' @ ');  if (Cookiesname = "") Coo Kiesname = "UserName";  IsLogin = False. Equals (Request.cookies[cookiesname] = = NULL | | Request.cookies[cookiesname]. Value = = "");  if (request.urlreferrer!= null) Referrerhost = Request.UrlReferrer.Host.ToString ();  if (allowh Ostarr.length < 1)   {  isallowdomain = true; }  else  {  for (int hosti = 0; Hosti < allowhostarr.length-1; hosti++)   {  if (Allowhostarr[hosti]. ToLower () = Referrerhost.tolower ())   {  Isallowdomain = true;  break; } } }  SWITC H (checktype)   {  case 1:  Allowdown = True. Equals (isallowdomain);  break;  case 2:  allowdown = islogin;  break;  case 3:  AllowDown = True. Equals (Isallowdomain && islogin);  break; }  if (Allowdown = False)   {  string oldurl = httpcontext.current.request.rawurl;  string newurl = oldurl;  for (int iii. = 0; III < pattern. Length; iii++)   {  if (Regex.IsMatch (Oldurl, PATTERN[III), Regexoptions.ignorecase | regexoptions.compiled))   {  Newurl = Regex.Replace (Oldurl, PATTERN[III], REPLACE[III], regexoptions.compiled | regexoptions.ignorecase);  Oldurl = newurl; } }  this. Configuration in Context.rewritepath (newurl); } }  catch  { } } }    Web.config: & nbsp   Code as follows: <appSettings>  <add key= "Downloadconfig" value= "Download.config"/>  </ appsettings>    IIS configuration:    executable file fill: c:/windows/microsoft.net/framework/v2.0.50727/aspnet_isapi.dll (as the case may be)     Remember to remove the tick before checking the file for existence.     You can add this to any file you want to have a security chain, in fact, there is a "wildcard application mapping" in the 2003Server version of IIS6:    Add this is tantamount to all the requests to the. NET, so that the implementation of the anti-theft chain, even if it is the Thunderbolt or what other download tools are still not, under the filename is that but the content is completely not, hey ...