C# 在ASP.NET中隐藏文件下载的物理路径
我想让一些用户从我的网站下载一些文件,我不想让他们看到下载文件的物理路径 我将文件移动到web文件夹之外的文件夹中,并使用Response.WriteFile(文件路径)下载它们。这有助于我隐藏路径,但此方法不支持我真正想要的恢复下载C# 在ASP.NET中隐藏文件下载的物理路径,c#,asp.net,file-io,path,download,C#,Asp.net,File Io,Path,Download,我想让一些用户从我的网站下载一些文件,我不想让他们看到下载文件的物理路径 我将文件移动到web文件夹之外的文件夹中,并使用Response.WriteFile(文件路径)下载它们。这有助于我隐藏路径,但此方法不支持我真正想要的恢复下载 那么您建议我使用什么方法呢?创建一个临时目录并将文件复制到其中。您甚至可以将该文件重命名为其他文件,使其不可“猜测” 我假设,如果他们可以下载该文件,其内容适用于该人,因此不存在用户知道直接链接的问题。其他人将无法猜测随机目录和/或文件名 var director
那么您建议我使用什么方法呢?创建一个临时目录并将文件复制到其中。您甚至可以将该文件重命名为其他文件,使其不可“猜测” 我假设,如果他们可以下载该文件,其内容适用于该人,因此不存在用户知道直接链接的问题。其他人将无法猜测随机目录和/或文件名
var directoryName = String.Format("{0}\{1}\{2}",
Server.MapPath("original Path"),System.Guid.NewGuid().Replace("-",""), fileName);
这与我们从系统中导出信息的过程几乎相同。很简单,我以前做过。 只需隐藏“input file”控件,使其隐藏在UI上,然后创建一个按钮,单击该按钮可触发“input file”控件的单击事件。 然后,您还可以使用javascript(在我的例子中,它是JQuery)将浏览文件的名称放入表示文件名称的文本框中
因此,文件路径对UI是隐藏的。我将实现一个文件处理程序(.ashx文件),它根据查询字符串中的某种id或名称为文件提供服务,并按如下方式发送:
以下是最佳方法:
public static bool DownloadFile(HttpContext httpContext, string filePath, long speed)
{
// Many changes: mostly declare variables near use
// Extracted duplicate references to HttpContext.Response and .Request
// also duplicate reference to .HttpMethod
// Removed try/catch blocks which hid any problems
var response = httpContext.Response;
var request = httpContext.Request;
var method = request.HttpMethod.ToUpper();
if (method != "GET" &&
method != "HEAD")
{
response.StatusCode = 501;
return false;
}
if (!File.Exists(filePath))
{
response.StatusCode = 404;
return false;
}
// Stream implements IDisposable so should be in a using block
using (var myFile = new FileStream(filePath, FileMode.Open, FileAccess.Read))
{
var fileLength = myFile.Length;
if (fileLength > Int32.MaxValue)
{
response.StatusCode = 413;
return false;
}
var lastUpdateTiemStr = File.GetLastWriteTimeUtc(filePath).ToString("r");
var fileName = Path.GetFileName(filePath);
var fileNameUrlEncoded = HttpUtility.UrlEncode(fileName, Encoding.UTF8);
var eTag = fileNameUrlEncoded + lastUpdateTiemStr;
var ifRange = request.Headers["If-Range"];
if (ifRange != null && ifRange.Replace("\"", "") != eTag)
{
response.StatusCode = 412;
return false;
}
long startBytes = 0;
// Just guessing, but I bet you want startBytes calculated before
// using to calculate content-length
var rangeHeader = request.Headers["Range"];
if (rangeHeader != null)
{
response.StatusCode = 206;
var range = rangeHeader.Split(new[] { '=', '-' });
startBytes = Convert.ToInt64(range[1]);
if (startBytes < 0 || startBytes >= fileLength)
{
// TODO: Find correct status code
response.StatusCode = (int)HttpStatusCode.BadRequest;
response.StatusDescription =
string.Format("Invalid start of range: {0}", startBytes);
return false;
}
}
response.Clear();
response.Buffer = false;
response.AddHeader("Content-MD5", GetMD5Hash(filePath));
response.AddHeader("Accept-Ranges", "bytes");
response.AppendHeader("ETag", string.Format("\"{0}\"", eTag));
response.AppendHeader("Last-Modified", lastUpdateTiemStr);
response.ContentType = "application/octet-stream";
response.AddHeader("Content-Disposition", "attachment;filename=" +
fileNameUrlEncoded.Replace("+", "%20").Replace(",",";"));
var remaining = fileLength - startBytes;
response.AddHeader("Content-Length", remaining.ToString());
response.AddHeader("Connection", "Keep-Alive");
response.ContentEncoding = Encoding.UTF8;
if (startBytes > 0)
{
response.AddHeader("Content-Range",
string.Format(" bytes {0}-{1}/{2}", startBytes, fileLength - 1, fileLength));
}
// BinaryReader implements IDisposable so should be in a using block
using (var br = new BinaryReader(myFile))
{
br.BaseStream.Seek(startBytes, SeekOrigin.Begin);
const int packSize = 1024 * 10; //read in block,every block 10K bytes
var maxCount = (int)Math.Ceiling((remaining + 0.0) / packSize); //download in block
for (var i = 0; i < maxCount && response.IsClientConnected; i++)
{
response.BinaryWrite(br.ReadBytes(packSize));
response.Flush();
// HACK: Unexplained sleep
var sleep = (int)Math.Ceiling(1000.0 * packSize / speed); //the number of millisecond
if (sleep > 1)
Thread.Sleep(sleep);
}
}
}
return true;
}
static string GetMD5Hash(string input)
{
// Create a new instance of the MD5CryptoServiceProvider object.
MD5 md5Hasher = MD5.Create();
// Convert the input string to a byte array and compute the hash.
byte[] data = md5Hasher.ComputeHash(Encoding.Default.GetBytes(input));
// Create a new Stringbuilder to collect the bytes
// and create a string.
StringBuilder sBuilder = new StringBuilder();
// Loop through each byte of the hashed data
// and format each one as a hexadecimal string.
for (int i = 0; i < data.Length; i++)
{
sBuilder.Append(data[i].ToString("x2"));
}
// Return the hexadecimal string.
return sBuilder.ToString();
}
publicstaticbool下载文件(HttpContext-HttpContext,字符串文件路径,长速度)
{
//许多变化:主要是声明接近使用的变量
//提取了对HttpContext.Response和.Request的重复引用
//还重复了对.HttpMethod的引用
//删除了隐藏任何问题的try/catch块
var response=httpContext.response;
var request=httpContext.request;
var method=request.HttpMethod.ToUpper();
如果(方法!=“获取”&&
方法!=“头”)
{
response.StatusCode=501;
返回false;
}
如果(!File.Exists(filePath))
{
response.StatusCode=404;
返回false;
}
//流实现IDisposable,因此应该在using块中
使用(var myFile=newfilestream(filePath,FileMode.Open,FileAccess.Read))
{
var fileLength=myFile.Length;
if(fileLength>Int32.MaxValue)
{
response.StatusCode=413;
返回false;
}
var lastUpdateTimeStr=File.GetLastWriteTimeUtc(filePath.ToString(“r”);
var fileName=Path.GetFileName(filePath);
var fileNameUrlEncoded=HttpUtility.UrlEncode(文件名,Encoding.UTF8);
var eTag=fileNameUrlEncoded+lastUpdateTimesTR;
var ifRange=request.Headers[“If Range”];
if(ifRange!=null&&ifRange.Replace(“\”,“)!=eTag)
{
response.StatusCode=412;
返回false;
}
长起始字节=0;
//只是猜测,但我打赌你想先计算开始字节
//用于计算内容长度
var rangeHeader=request.Headers[“Range”];
if(rangeHeader!=null)
{
response.StatusCode=206;
var range=rangeHeader.Split(新[]{'=','-'});
startBytes=Convert.ToInt64(范围[1]);
if(起始字节<0 | |起始字节>=文件长度)
{
//TODO:查找正确的状态代码
response.StatusCode=(int)HttpStatusCode.BadRequest;
response.StatusDescription=
格式(“无效的范围开始:{0}”,起始字节);
返回false;
}
}
response.Clear();
response.Buffer=false;
AddHeader(“Content-MD5”,GetMD5Hash(filePath));
AddHeader(“接受范围”、“字节”);
AppendHeader(“ETag”,string.Format(“{0}\”,ETag));
AppendHeader(“上次修改”,lastUpdateTimesTR);
response.ContentType=“应用程序/八位字节流”;
AddHeader(“内容处置”、“附件;文件名=”+
fileNameUrlEncoded.Replace(“+”,“%20”).Replace(“,”,“;”);
var剩余=文件长度-起始字节;
response.AddHeader(“内容长度”,剩余的.ToString());
AddHeader(“连接”,“保持活动”);
response.ContentEncoding=Encoding.UTF8;
如果(起始字节>0)
{
response.AddHeader(“内容范围”,
Format(“字节{0}-{1}/{2}”,起始字节,fileLength-1,fileLength));
}
//BinaryReader实现IDisposable,因此应位于using块中
使用(var br=新二进制读取器(myFile))
{
br.BaseStream.Seek(startBytes,SeekOrigin.Begin);
const int packSize=1024*10;//在块中读取,每个块10K字节
var maxCount=(int)Math.天花((剩余+0.0)/packSize);//分块下载
对于(var i=0;i1)
睡眠;
}
}
}
返回true;
}
静态字符串GetMD5Hash(字符串i