Securing Site Downloads

Results 1 to 3 of 3

Thread: Securing Site Downloads

  1. #1
    Curt Robinson Guest

    Default Securing Site Downloads

    I have created a document collaboration site and was wondering if anyone knows how I can secure document downloads? The user will click on a document link which links them to an ASP page that validates their access to the document then RESPONSE.REDIRECTS them to the actual file. The files are mostly Excel, Word or PDF documents, so the redirect will actually open the document using the appropriate program embedded within a browser, with the direct URL to the document showing in the browser&#039s address bar. If the user copies this link and gives it to his friend then my security is breached. If I could get everything to run outside the browser, force the download, or a Save As dialog with the Run/Save options, that would probably work to a degree. I would like to internally redirect (I believe an IIS 5.0 feature) or mask the actual download location of the file, or force authentication of any request (possibly with an ISAPI filter?). Any thoughts?

  2. #2
    Join Date
    Dec 1969

    Default RE: Securing Site Downloads

    What you could do is use the FileSystemObject. Store the actual files outside the virtual root of the webserver, so that no-one can access them directly. Then write an ASP script that uses the FSO to grab the file and BinaryWrite it to the client, remembering to set the correct content type first.<BR><BR>Dunc

  3. #3
    Join Date
    Dec 1969

    Default RE: Securing Site Downloads

    See if anyone replies to my message (it&#039s kind of the same plan).<BR><BR><BR><BR>James

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts