On my website, www.pakdev.net, I create screencasts to which are streamed through silverlight.
I create a custom handler to block the download of .wmv files from the url like [URL]
But the problem is now the silverlight has also stopped streaming files.
I create a custom http handler to block download of .wmv files e.g. www.pakdev.net/videos/file.wmv (blocked by httpHandler).
But the problem is that now silverlight cannot also stream these video files as they are blocked too.
Is it possible to register a custom httphandler in a stand alone assembly? I'm writing a control toolkit that uses httphandlers to perform AJAX and I would like to make the use of the toolkit as low friction for the web developers as possible. There will be quite a few handlers and I dont want the developer to have to register them all in the web.config.
View 2 RepliesI created a HttpHandler for downloading files from the server. It seems it is not handling anything...I put a breakpoint in the ProcessRequest, it never goes there.
public class DownloadHandler : IHttpHandler
{
public void ProcessRequest(HttpContext context)
{
//download stuff and break point
}
}
It never stops there, as mentioned. I also registered it in the web.config.
<add verb="*" path="????" type="DownloadHandler" />
I am not sure about the path part of that entry. What do I have to enter there? I am downloading txt files, but the URL does not contain the filename, I somehow have to pass it to the handler. How would I do this? Session maybe?
I had a look through some of the older questions, but I can't find anything.I have a Wildcard HttpHandler on my web app which is processing the url and working out if it can do anything with itIf it can't, then the StaticFile Handler should pick it up and just serve it as a static file (like an html file).The problem is, it's going through the Wildcard handler, then seemingly not going to the StaticFileHander. Is there something I need to do to the Wildcard handler, or in the web config?This is my web.config:
<add name="Wildcard" path="*" verb="*" type="Rewriter.RewriterHttpModule"
modules="IsapiModule" requireAccess="None" allowPathInfo="false"
preCondition="" responseBufferLimit="4194304" />
<add name="StaticFile" path="*.*" verb="*"
modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule"
scriptProcessor="%windir%Microsoft.NETFrameworkv2.0.50727aspnet_isapi.dll"
resourceType="File" requireAccess="Read" allowPathInfo="false" preCondition=""
responseBufferLimit="4194304" />
I'm writing a multi-tenant app that will receive requests like http://www.tenant1.com/content/images/logo.gif and http://www.anothertenant.com/content/images/logo.gif. I want the requests to actually map to the folder location /content/tenant1/images/logo.gif and /content/anothertenant/images/logo.gif
I'm using asp.net Mvc 2 so I'm sure there's probably a way to setup a route to handle this or a custom route handler?
I have an HttpModule and I'd like to choose the HttpHandler for the current request, is that possible? Also web.config is not an option because the condition is not based on path or extension. My googling skills have failed me, no matter what keywords I use all the results are "IHttpHandler vs IHttpModule".
View 3 RepliesI need to access image files (.jpg) on a server other than the web server my app runs on. I would like to use an httphandler to do this but I am unsure of the syntax to specify the path. I have tried mapping a drive on the web server to the file server but that didn't work. I have tried using a UNC path but that did not work either.
View 1 RepliesI developed a .Net 3.5 x64 web application that includes a custom HttpHandler in the config:
<add path="*.class1" verb="GET" type="ClassLibrary1.Class1Handler"/>
This works when the platform target for ClassLibrary1 is set at x86.
However, when I set this to x64 I get the following error when I run web application starts (it compiles just fine): Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: Could not load file or assembly 'ClassLibrary1, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. An attempt was made to load a program with an incorrect format.
Does this mean that a HttpHandler can be compiled at x86 only?That doesn't make much sense to me.Does anyone have an idea of what could be going on?Edit 1:The ClassLibrary1 project is just an empty class library project with a single HttpHandler added (which is also empty).Edit 2:I am also getting these warning messages when compiling, I am pretty sure they have something to do with this problem: Assembly generation -- Referenced assembly 'mscorlib.dll' targets a different processor HttpTestEdit 3:I manually edited the project file to force references to the x64 assemblies, like this:
<Reference Include="$(Windir)Microsoft.NETFramework64v2.0.50727System.dll"/>
This does supress the above warning message, but the problem isn't resolved.
I'm trying to get custom HttpHandler working in my sample web application. I've been experiencing a lot of issues, but finally got stuck with error 500. Application pool is being run in Classic ASP.NET 2.0 mode. Server is IIS 7.5, OS is Win 7 Pro.
Here's a code of my handler:
[Code]....
I'm using a custom ashx HttpHandler to retrieve gif images from a database and show it on a website - when the image exists, it works great.
However, there are cases when the image will not exist, and I'd like to have the html table holding the image to become invisible so the "image not found" icon is not shown.
[code]...
I have a problem with large respones and IIS7, the server runs out of memory. I've written the test code below that works pretty much like my real code... When i start to download the file i can se the memory usage rise until it hits 100% and Firefox complaints about lost connection to server, looks like IIS7 does not release cache or something.. Works in IIS6 by the way
[Code]....
I'm using the System.Web.Routing.UrlRoutingModule.
With that I'm writing:
routes.Add(new Route(@"cart/add", new RouteHandler("~/Order/CartAdd.ashx")));
routes.Add(new Route(@"cart/delete", new RouteHandler("~/Order/CartDelete.ashx")));
And I also have one route called:
routes.Add(new Route(@"{*url}", new RouteHandler("~/Error/PageNotFound.ashx")));
But if I go directy to /Order/CartAdd.ashx I never enter the routing. It goes directly to that handler. And if I go to /Order/ I get a 403.14 error.
How do I instead catch those urls with the routing?
I'm trying to secure my web application so XML files it contains can't be downloaded. I thought it would be as simple as adding these to the "httpHandlers" section of web.config:
<remove verb="*" path="*.xml"/>
<add verb="*" path="*.xml" type="System.Web.HttpForbiddenHandler"/>
This failed - the XML files could still be downloaded easily. I tried different browsers in case they were caching, but everything could download the XML files without any trouble. I thought this might be due to some special handling of XML, so I tried mocking up an alternative based on ".txt123" files. I added this file with some dummy content:
[code]....
We have a handler to deal with .dat files.. everything is already setup and server is acknowledging the file type and doing its thing to handle it..
But the handler requires 1 bit of information along with the HTTP request which is a physical file path.. the file name it knows based on the file we call , but how can i pass a custom header along with the request so that the handler will use that when the request is made?
Basically when on our player.aspx page, i will have a button, when you click that button a request is made to the .dat file, but along with that request i need to send the physical file path.. how can i do that?
I have a web page where I am denying anonymous users from accessing. In the web site I have a folder called FileManager. In the web app the usres have the ability to uploaded files and when they do a folder gets created under the filmanger and the files are saved. I have created a web.config in this folder that denies anonymous users. The problem is if the user knows the directory structure they can type in the url of the site add /FilManager/x/x/NameOfFile, where x are the sub directories. If the file is an image it shows the image in ie, if it is a .xls or .doc or what ever they get the prompt to either download or save the file. What am I doing wrong. Will the web.config file not stop an anonymous user from access files? I put a webpage in the folder and it is blocked and the user gets sent to the login screen, but files seem to be unsecured.
How do I block anonymous users from being able to access the files in this folder?
In ASP.net MVC 2, I can use routes.RouteExistingFiles = true; to send all requests through the routing system, even if they exist on the file system.
Usually, this ends up hitting the "{controller}/{action}/{id}" route and throws an exception as the controller cannot be found.
I do not want to use that route though (I have only a few URLs and they are specifically mapped), yet I would still like to prevent access to the file system.
Basically I want to Whitelist pages using IgnoreRoute. Is there a built-in way to do this?
My current approach is to still have a route "{*anything}" and generate a 404 when this is hit, but I'm just wondering if something is built-in already?
I am building an application that allows a user to upload multiple images, resizes them, and saves them. What I need (ok, what I'd like) is the following...
I would like some sort of way to prompt a user to crop the photos after they have been saved. I have code that creates a 175px square rectangle and saves that image. I need the user to select the image section they want saved and to do so I envision a window that automatically prompts them to do so once the upload(s) have completed. I think my preference would be to have a page or control (datalist, repeater, ectc..) that refreshes every time an image is saved and allows the user to crop the newly saved images. I'm opened to advice, opinions, free drinks and a clue.
I have written an Http Module that hooks onto the Response.Filter property of the current request and does various replacements within the HTML before it is sent to the client.All the work is done in the Write method which is overriding Write in the base class Stream.
The Write method is called multiple times for a single response - the HTML seems to be written to the output stream in chunks. My problem is that I don't have an efficient & reliable way of telling if the current chunk is the last chunk (for why I want to know this see below). The only way I have come up with is to check if the chunk contains a closing html tag - but this is not very efficient or reliable.
The reason this is needed is that the module must add the "Refresh" HTTP header to the response, but only if the HTML fulfills certain conditions (and there are certain conditions that mean the header must not be added). So, only when the last chunk has been seen does the code know if the header can be added or not. So, I either need a test for the last chunk, or on each call to Write I add the header if the current block of HTML passes the test (if it has not already been added) or remove the header if the current block of HTML fails the test (if it has already been added).
So, is there a better way to test for the last chuck OR is there a way to test for a particular header being in the response and delete it (there doesn't seem to be a way to do this - only to append headers)?
Considering the recent ASP.NET vulnerability, what should I look for in my httphandlers that would cause such a Padding Oracle vulnerability?
Asked in another way... what did MSFT do wrong and what did they fix in their handlers?
we can download other site css like right clikc their websites and we can see the css src / js src, then if we providee that filename in the address bar then it'll download, how to avoid this?
View 2 RepliesWhat i want to do is code in Global.asax file to check if current date is greater than EndDate(appsetting) it will block access to rest of the pages as what happens when using [Code]....
Moreover it will be a licencing system which will block the application after its EndDate that will be mentioned in web.config.
[Code]....
[Code]....
I know how to impersonate a user for the entire site but how best to impersonate for a block of code; WindowsImpersonationContext or NetworkCredential?
And how would this code look like?
have a project where there are main 3 types of users i have to block them from accessing other pages but without using roles or membership is there any other way to do the same?
View 3 RepliesI'm doing a project in component management system. I need to block executable files from getting uploaded. Blocking should not be based on the extensions. For example, i've a file named abc.exe i'm going to change the file extension to abc.jpg in this case that abc file should not get updated. Similar to that in gmail file attachment.
View 2 Replies
