Logo Questions Linux Laravel Mysql Ubuntu Git Menu

How can one prevent accessing content directly?




Using ASP MVC 4.5, how can one apply security measures in order to prevent users from accessing content directly?

Like for example preventing the access of images or other files stored on the web server just by entering their link.

like image 385
JEPAAB Avatar asked Mar 25 '23 07:03


1 Answers

  1. Place your image in a non-web accessible folder.
  2. Create a server side script (for example, an HttpHandler) that can read the image file and return its contents in the HTTP response.
  3. In that script, perform your user validation to make sure the user has access to that file.
  4. In the HTML, have the src attribute of the img tag point to your script.

The user can still directly type in the URL to your script to see the image. But you can at least require that the user is logged into your site and is authorized to view the image.

like image 115
mbeckish Avatar answered Apr 02 '23 04:04