How to restrict to open a uploaded file?
-
Hi all, My application is an asp.net web application which deals with different user logins(user types like Gatekeeper and Pde users). Here only i am facing one peculiar problem that In Gatekeeper (login) uploaded one txt document in the application.After uploading QA team taking the copy of URL of uploaded document. Let say URL be like :http://localhost/cms/UI/Documents/BoltonCMS11102009112303PM.txt Now QA team they are login as Pde user and trying to paste the above URL in Home page,at this moment the uploaded document that is the txt file is opening which is a bug we need to restrict to open that uploaded document . Could any one help on this? thanks in advance, Eswar.
-
Hi all, My application is an asp.net web application which deals with different user logins(user types like Gatekeeper and Pde users). Here only i am facing one peculiar problem that In Gatekeeper (login) uploaded one txt document in the application.After uploading QA team taking the copy of URL of uploaded document. Let say URL be like :http://localhost/cms/UI/Documents/BoltonCMS11102009112303PM.txt Now QA team they are login as Pde user and trying to paste the above URL in Home page,at this moment the uploaded document that is the txt file is opening which is a bug we need to restrict to open that uploaded document . Could any one help on this? thanks in advance, Eswar.
Instead of a direct link to a file, have a link to a page which takes an id on the query string, uses the id to lookup the file, and fails to do so if the permissions check fails. Or write a HTTP Handler for the file type which first checks permissions. I'd go the former, if you can hide the actual file path, it's harder to hack.
Christian Graus Driven to the arms of OSX by Vista. Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.