webform1.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="WebForm1.aspx.cs" Inherits="work051.WebForm1" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<%-- Title reads: "Preventing hotlinking with a session". --%>
<title>通过session会话防止盗链</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<%-- Direct link into the download folder. web.config maps that folder to work051.ForbiddenThief, which checks Session["visited"] before sending the file. --%>
<a href="download/1.rar">下载</a>
<br />
<br />
<br />
<br />
<%-- Posts back to Button1_Click, which removes Session["visited"]; the link above is then refused until this page is loaded again. --%>
<asp:Button ID="Button1" runat="server" Text="清除会话session,再试试下载" OnClick="Button1_Click" />
</div>
</form>
</body>
</html>
webform1.aspx.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
namespace work051
{
/// <summary>
/// Entry page of the anti-hotlinking demo. Loading the page marks the visitor's
/// session; the button on the page clears that mark again.
/// </summary>
public partial class WebForm1 : System.Web.UI.Page
{
    // Session key shared with the download handler, which reads the same literal "visited".
    private const string VisitedKey = "visited";

    /// <summary>Marks the current session as having loaded this page.</summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        // The mark is written on every load of the page, postbacks included.
        this.Session[VisitedKey] = true;
    }

    /// <summary>Removes the session mark so a later download request is refused.</summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        this.Session.Remove(VisitedKey);
    }
}
}
web.config
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<system.web>
<!-- debug="true" is a development setting; set it to false before deploying the site. -->
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
<!-- The settings below apply only to URLs under the "download" folder. -->
<location path="download">
<system.webServer>
<handlers>
<!-- Every verb and every path under this location is handled by work051.ForbiddenThief, so files in the folder are sent by that class and not served directly. NOTE(review): system.webServer/handlers is read by the IIS integrated pipeline; confirm the hosting mode, otherwise the files may bypass the session check. -->
<add name="1" verb="*" path="*" type="work051.ForbiddenThief"/>
</handlers>
</system.webServer>
</location>
</configuration>
forbiddenthief.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace work051
{
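/// <summary>
/// HTTP handler mapped to the download folder. It sends the requested file only when
/// the caller's session carries the "visited" flag that WebForm1 sets on page load.
/// </summary>
/// <remarks>
/// The flag only shows that the same session loaded WebForm1 earlier, and WebForm1 sets
/// it for anyone who loads the page. Treat this as a hotlink deterrent, not as
/// authentication or per-file authorization. Any file that exists at the request's
/// physical path is sent; there is no allow-list of file names or types.
/// </remarks>
public class ForbiddenThief :IHttpHandler,System.Web.SessionState.IRequiresSessionState
{
    public ForbiddenThief()
    {
    }

    /// <summary>Always true: the handler keeps no per-request state in fields.</summary>
    public bool IsReusable
    {
        get
        {
            return true;
        }
    }

    /// <summary>
    /// Refuses the request with 403 when the session flag is missing, answers 404 when the
    /// file does not exist, and otherwise sends the file as an attachment.
    /// </summary>
    /// <param name="context">The current request context.</param>
    public void ProcessRequest(System.Web.HttpContext context)
    {
        HttpRequest request = context.Request;
        HttpResponse response = context.Response;
        System.Web.SessionState.HttpSessionState session1 = context.Session;

        // A missing session object is treated like a missing flag instead of throwing.
        if (session1 == null || session1["visited"] == null)
        {
            // Answer with a real error status so clients, caches and crawlers do not
            // mistake the refusal page for the file itself.
            response.StatusCode = 403;
            // Keep IIS from replacing the message below with its own error page.
            response.TrySkipIisCustomErrors = true;
            response.Write("请不要盗用本站链接,从首页访问<a href='../WebForm1.aspx'>首页</a>");
            return;
        }

        string requestFile = request.PhysicalPath;
        if (!System.IO.File.Exists(requestFile))
        {
            response.StatusCode = 404;
            response.TrySkipIisCustomErrors = true;
            response.Write("你下载的文件不存在。<a href='../WebForm1.aspx'>首页</a>");
            return;
        }

        WriteF(requestFile, response);

        // The flag is left in place, so it stays valid for further downloads in the same
        // session. Calling session1.Remove("visited") here would make it single-use.
    }

    /// <summary>Sends the file at <paramref name="path"/> as a download.</summary>
    /// <param name="path">Physical path of an existing file.</param>
    /// <param name="response">Response to write the headers and file content to.</param>
    private void WriteF(string path, HttpResponse response)
    {
        string fileName = System.IO.Path.GetFileName(path);

        response.Clear();
        response.ContentType = GetMimeType(System.IO.Path.GetExtension(path));
        // Ask browsers to honor the declared type instead of sniffing the content.
        response.AddHeader("X-Content-Type-Options", "nosniff");
        response.AddHeader("Content-Disposition", BuildContentDisposition(fileName));
        // TransmitFile streams the file without first buffering it in memory.
        response.TransmitFile(path);
    }

    // Builds an attachment Content-Disposition value with a quoted file name plus a
    // UTF-8 encoded filename* parameter for names containing non-ASCII characters.
    private static string BuildContentDisposition(string fileName)
    {
        // Quotes and backslashes would end or escape the quoted string, so replace them.
        string quoted = fileName.Replace("\\", "_").Replace("\"", "_");
        return "attachment; filename=\"" + quoted + "\"; filename*=UTF-8''"
            + Uri.EscapeDataString(fileName);
    }

    /// <summary>Maps a file extension (with leading dot) to a MIME type.</summary>
    /// <param name="extension">Extension such as ".zip"; null is treated as empty.</param>
    /// <returns>
    /// The known MIME type, or "application/octet-stream" for any other extension so the
    /// response never goes out with an empty Content-Type.
    /// </returns>
    private string GetMimeType(string extension)
    {
        // Invariant lower-casing keeps the match independent of the server's culture.
        switch ((extension ?? string.Empty).ToLowerInvariant())
        {
            case ".zip":
                return "application/x-zip-compressed";
            default:
                return "application/octet-stream";
        }
    }
}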
}
根目录建个文件夹download,内放一个1.rar文件。