I have a web page that is hosted in our local network. On my page I have a link to a document. The document is linked to a network share. If the user opens the file, edits it and then goes to save the file it overwrites what is on the share. When opening the file I want the user to download the file, so when they come to save it they do not have the option to save it back. How could I go about doing this?
Server side I have access to asp.
You need to create a link which when clicked, streams the contents of the file to the browser, rather than having a link to the files actual location. If you do this the user will be prompted to save the file somewhere locally.
I am not at my PC currently so cannot get you an example piece of code, but you need to send the response with the content type set appropriately. Look in to mime types for a pointer in the right direction.
The term "download" is misunderstood here. When we open windows explorer and copy a file from a network share to our local machine don't think it terms of "downloading" it, we are just copying it. To "download" usually refers to access some resource outside of our local network and pulling that resource into that network.
Hence to achieve your aim you need to convince the client that is not accessing a file that is a local network resource. You can do this by adding a Virtual Folder to the IIS site that points the appropriate folder in the network share. Change the URL to use a "http:" protocal pointing at the virtual folder in your site.
Now the users will get the file from your website rather than accessing it as a normal file on the network.
You can stream the file through a webpage to download the file instead of opening a network share.
See this for an example:
http://support.microsoft.com/kb/276488
You can also share a directory through your web server by enabling directory browsing.
IIS 6: http://blog.crowe.co.nz/archive/2006/03/18/603.aspx
IIS 7: http://technet.microsoft.com/en-us/library/cc731109(WS.10).aspx
Related
I have a simple code that save logs in a 'csv' file on the server.
When I navigate to from the browser to the folder where the file is saved, clicking the file download it instead of opening the file for view in the browser.
I have another site using the same code exactly on the same server, and clicking file from it, open the file for view in the browser.
I use the same browser for both sites, so it is not related to browser settings.
I've tried to change the file privileges, but it didn't help.
This site was originally with a different host, and I thought that moving it to the same host will solve it, but it didn't.
I've tried to talk with the support of the hosting provider, but they say that a developer should handle it.
Replacing the file ending to 'cvs' solved the problem, and opened the file in the browser without any other settings change.
I zipped a file on the server and created a link using
Download 3D View
Now whenever the link is clicked I am being redirected to the Homepage. Is it possible that this is not working due to security reasons with the zip file itself since I compressed it on the server?
It seems it was a security reason which I solved simply by compressing the files on my local machine and than uploaded the .zip file to the server. It seems the server was applying security while compressing.
My question is I know that a server application can access the data stored at server but cannot access teh data stored at client machine as this is a security issue and Browsers not allow this. But in case of localHost (when my local pc is acting as a server) I should be able to access the files from my PC(the local PC on which the application is running). But that is not happening.
Why i m not able to access a simple image file form my local C:\ drive by localhost. The URL i used was file:///c:/image.png but if i store this image any where under home directory of tomcat i m able to access it. WHY ??
I m using it as <'img src="file:///c:/image.png>
Thanks for any considerations..
The problem is with this part:
The URL i used was file:///c:/image.png but if i store this image any
where under home directory of tomcat i m able to access it.
If you want to access the file through Tomcat after placing it in Tomcat's document-root, then the URL to use (assuming you haven't changed the default port setting) is:
http://localhost:8080/image.png
Content hosted by the web-server needs to be accessed through the web-server. A file:// URL bypasses any sort of server, and basically directs the browser to look directly in the local filesystem. So it should also work if you were to do:
file:///C:/path/to/tomcat/home/image.png
But in that case you are not going through Tomcat. You're just pointing the browser at the tomcat folder in your local filesystem.
Edit: I don't think many browsers will not allow file:// urls in tags in hosted documents. Doing so could cause the appearance of a security hole, as if you could guess the name of an image file on someone's local filesystem you could then post a webpage that made it appear as if your server had somehow grabbed their personal image file.
I am working on a web page that will be on a local or network filesystem. What I would like to do is have have the user click a link to a file and start a save as dialog. However, since the webpage and the file are both on a local or network filesystem, I cannot control the header.
Is there any sort of workaround?
Thanks,
Grae
I'm writing a web application that allow user upload their files on the app. The file will be uploaded on the HTTP Server, after the user click the "upload" button. The user can receive the file by getting the file from the path.... ...for example: http://www.demo.com/user/abc/download/the_file.jpg
but I found that all the people can access this file using the path. How can I do, or is there a better way to manage the file that only registered user or the file owner can download the file?
Serving a file directly within a script is not an option because of performance issues and it's not really possible to serve BIG files because of memory limits.
The best option is to use the Apache module mod_xsendfile. The idea is to redirect all requests to a
PHP/Perl/Python script which will just set a HTTP header saying "Hey Apache, serve this file instead" and mod_xsendfile will take care of it.
And the client will never be able to download the file without this authentication.
If using something like apache httpd, you can use .htaccess files and have directories that are provisioned to users or groups if you want the user to continue accessing files at a path on the filesystem.
If you lock down the directory and have a script to manage file delivery, you can check permissions in the script and give the user the file requested or a 403.
I tend to use the script approach as it gives me more control over how the permissions are managed and more complex access scenarios.