Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

set src property in view to a url outside of the MVC3 project

Tags:

c#

asp.net-mvc-3

I am trying to create an application that will display images that are stored locally on the webserver. Here is what I have in my view, note that "entry" are absolute addresses like "C:\Images\Image1.jpg". However, when I run it, I get "Not allowed to load local resource: file:///C:/Images/ImageName.jpg" in the console log. So maybe it tries to access the image on the client. How do I tell my view to access the local webserver path and not look for the image source on the client? Please note that moving the images into project directory is not an option, because the images are stored on a different drive on the webserver.

<!-- language: c# -->
@model List<String>
<div style="height: 500px; overflow:scroll;">
<h2>
    ScreenShots for testMachine</h2>

@foreach (var entry in Model)
{          
   <div class="nailthumb-container square-thumb">
   <img alt="screenshot" src="@Url.Content(entry)" /> 

</div>
}
</div>
like image 645
Alicester4WonderlandPresident Avatar asked Sep 25 '12 19:09

Alicester4WonderlandPresident

1 Answers

You cannot directly serve images outside of your ASP.NET MVC 3 application to the client. That would be a huge security vulnerability if the client could access arbitrary files on your server.

You will need to write a controller action that will return them and then point your src property of your <img> tags to this controller action.

public class ImagesController: Controller
{
    public ActionResult SomeImage()
    {
        return File(@"C:\Images\foo.jpg", "image/jpeg");
    }
}

and inside your view:

<img src="@Url.Action("SomeImage", "Images")" alt="" />

You could also pass the image name as parameter to the controller action:

public class ImagesController: Controller
{
    public ActionResult SomeImage(string imageName)
    {
        var root = @"C:\Images\";
        var path = Path.Combine(root, imageName);
        path = Path.GetFullPath(path);
        if (!path.StartsWith(root))
        {
            // Ensure that we are serving file only inside the root folder
            // and block requests outside like "../web.config"
            throw new HttpException(403, "Forbidden");
        }

        return File(path, "image/jpeg");
    }
}

and in your view:

<img src="@Url.Action("SomeImage", "Images", new { image = "foo.jpg" })" alt="" />
like image 182
Darin Dimitrov Avatar answered Sep 19 '22 19:09

Darin Dimitrov
Sign in to Comment

Related questions

finding the actual executable and path associated to a windows service using c#
Best way to save variables between postbacks asp.net?
Is there a BigFloat class in C#?
using Dynamic to add methods?
What is difference between new in a constructor and new in a member declaration?
Deploying Postgresql Along Windows Application
How can I unit test a lock statement?
Calling a generic method with the correct derived type
Understand linq syntax [closed]
Is it bad to return new ICommand every time in property getter?
Error message "Operator '.' cannot be applied to operand of type 'lambda expression'" when converting a method to Extension Method?
Include header only once at the top of a rolling file
Generic of type T where T has a specific attribute
.net File.Copy very slow when copying many small files (not over network)
Moving ListViewItems Up & Down
Root Element Missing when deserializing an XML response using XmlSerializer
Convert Deserialization method to Async
How to concatenate two exceptions?
How to create RTF from plain text (or string) in C#?
Draw only outer border for TableLayoutPanel Cells

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!