Comments on: ASP.Net file download protection through authentication

By: Sachin

Sachin — Fri, 07 Aug 2009 17:58:00 +0000

I get an error as fn not declared in line below

Try
Response.TransmitFile(fn)
Catch ex As Exception
‘ redirect to error opening file page
End Try

download.aspx while

By: mr alex weir

mr alex weir — Fri, 27 Mar 2009 09:13:09 +0000

dear dev
I am writing an asp.net website using windows live ID authentication. We will have a lot of pdf, word and excel files whose accessibility will depend on the WLID. How can I ensure that people looking over the shoulder cannot view those files directly? I am guessing 2 ways, but maybe you have more/better:

1. hide the url and give the files random names (I dont know how to hide the url in asp.net)

2. store the files in a non-accessible directory and temporary copy over the file required to an accesible directory with a random file name. The file will be deleted after a preset time (e.g. 10-20 minutes)

pls advise

thanks

Alex Weir, Harare and Gaborone

By: Bill

Bill — Fri, 12 Dec 2008 16:25:09 +0000

Does it show the download progress correctly or say time remaining unknown?

By: sam

sam — Wed, 06 Aug 2008 08:21:49 +0000

Sir,

Hello . I want to prevent video files from downloading. I have a webpage to play. Suppose they have download manager means all are download it easily. so how can i prevent video files downloading……

By: andrew

andrew — Fri, 25 Jul 2008 10:18:21 +0000

very good post, but I found this method doesn’t supports the Resume download option, do you know how to implement this?

it would be very nice!

By: Mark

Mark — Thu, 26 Jul 2007 16:59:18 +0000

I had to undertake the same task as you did so I wrote an article on it. But my guide illustrates an example using php. :)

The example is at: http://www.marksanborn.net/php/download-files-through-authentication/

By: Adam

Adam — Sat, 03 Mar 2007 14:20:47 +0000

You are absolutely correct, thanks!

While testing your change I ran into a much simpler method of attaching the file (Response.TransmitFile). I’ve updated the post to use it instead since it removes the complexity and potential for errors.

By: Izzy

Izzy — Sat, 24 Feb 2007 11:40:02 +0000

Oops, I mean the mistake in (oh, the irony):
ReDim fbytes(fs.Length)
fs.Read(fbytes, 0, fs.Length)

Yea, we all copy and paste :-/

By: Izzy

Izzy — Sat, 24 Feb 2007 11:38:26 +0000

There is a mistake in:
ReDim fbytes(fs.Length – 1)
fs.Read(fbytes, 0, fs.Length – 1)

Should be:
ReDim fbytes(fs.Length – 1)
fs.Read(fbytes, 0, fs.Length – 1)

You are adding an extra byte to the end of the file without this -1 in the code. This is because arrays start counting elements at 0 and .Length starts counting at 1… This way you don’t corrupt your users data for sensitive files =)