{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 beautiful° 的问题《Protecting folders in MVC》','https://www.manongdao.com/q-231426.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have some files in my Content folder that I don't want a user to be able to download without being authorised. How do I prevent a user from just getting to the file by typing ...Content/{filename} into the address bar?
相关问题
- MVC-Routing,Why i can not ignore defaults,The matc
- How to dynamically load partial view Via jquery aj
- parameters in routing do not work MVC 3
- There is no ViewData item with the key 'taskTy
- TextBoxFor decimal
相关文章
- How to get a list of connected clients on SignalR
- How do you redirect to the calling page in ASP.NET
- Change color of bars depending on value in Highcha
- The program '[4432] iisexpress.exe' has ex
- ASP.Net MVC 4 Bundles
- Forward request from servlet to jsp
- How to get server path of physical path ?
- Cannot implicitly convert Web.Http.Results.JsonRes
Well one way is to have it outside the context of IIS, so instead of having them under
C:\inetpub\wwwrootchange it to something like
C:\temp\files.in your DB have a GUID associated with the document name and use the GUID to display the link to the file.
in your controller action you would just accept the GUID, get the filename and then serve the file in your response.
it doesn't work for me.
I run my MVC 4.0 application, login and logout, can't access any app page, but still can access file by direct link like
There are a couple of possibilities. The first one consists into using the
<location>tag in your web.config:Another possibility is to put those files inside a folder where noone can access (like the App_Data folder for example) and then have a controller action that will serve those files which will be decorated with the
[Authorize]attribute.