All geek questions in one place

Creating a secure link

Is there a way to create a secure download link that is random, expires, requires a password, and points to a specific C # file that is associated with IIS 7.0?

Several random links may link to the same file.

Embedded codes or possibly third-party libraries?

For instance, http://www.example.com/<some random gibberish>/<md5 of file>/file.jpg

+3
source share
2 answers

One way to do this is to use a GUID. GUIDs are not designed to be encountered, and this design also makes it difficult to determine valid GUIDs. I'm sure someone out there will tell me that it is not very safe! Well, you also protect the password. It is very easy to generate a GUID in C #.

, , -, , , , -, , GUID , , .

GUID, URL-, ( ) . URL/GUID, , , ( - ) , .

GUID, :

System.Guid.NewGuid().ToString()

, ( IIS7), web.config :

<modules>
  <add name="MyDownloadModule" type="Example.MyDownloadModule, Example"/>
</modules>

MyDownloadModule - , , .

IHttpModule, :

public string ModuleName { 
    get { return "MyDownloadModule"; }
}

public void Init(HttpApplication app) {
    // Add an event handle which is called at the beginning of each request
    app.BeginRequest += new EventHandler(this.AppBeginRequest);
}

//
// Our event handler for the BeginRequest event
//
private void AppBeginRequest(Object source, EventArgs e)
{
    HttpRequest request = app.Context.Request;

    //
    // Is this a file download?
    //
    if (request.AppRelativeCurrentExecutionFilePath == "~/downloads") // or whatever
    {
          // this is where you work your GUID inspecting magic
    }
}

, , , .

+2

HttpHandler, /.

- :

http://www.example.com/download?token={your_token}

, , querystring .

IHttpHandler . MSDN http://msdn.microsoft.com/en-us/library/system.web.ihttphandler.aspx

0

Source: https://habr.com/ru/post/1738910/

More articles:


All Articles