I have a class which I'm writing to manage file downloads. It does a few things but mainly it just does the old application/octet-stream content-disposition and writes the outputstream of the respose object. Nothing radical here.
To initiate a download typically you would say: download.aspx?Filename=somefile
The obvious issue here is that because the class bypasses ASP.NET file security and accesses the files directly, a user could say: download.aspx?Filename=web.config and it would happily send them that (or any other) file.
My class currently implements file extension allow/deny properties to limit what sort of files can be served up but I don't feel this is really secure enough.
I'm interested in is peoples comments on how best to close this issue or how they handle this sort of thing.
To initiate a download typically you would say: download.aspx?Filename=somefile
The obvious issue here is that because the class bypasses ASP.NET file security and accesses the files directly, a user could say: download.aspx?Filename=web.config and it would happily send them that (or any other) file.
My class currently implements file extension allow/deny properties to limit what sort of files can be served up but I don't feel this is really secure enough.
I'm interested in is peoples comments on how best to close this issue or how they handle this sort of thing.