Asp.net picture file protection hotlinking of respect the fruits of labor and BeginRequest event learning
- 2020-05-24 05:30:15
- OfStack
About the picture hotlinking this question, after all is own labor success, a lot of people don't want others to be so easy to steal. This feature is available on many forums, perhaps because hotlinking has too much behavior
The anti-hotlinking program is actually very simple, familiar with the ASP.NET application life cycle is very easy to write 1, using HttpModule in the BeginRequest event to intercept the request on ok, the rest of the work is filtering, filtering!
If you are not familiar with HttpModule, you can look it up on MSDN. The introduction is very detailed. The address is: ms - help: / / MS. VSCC. v80 / MS MSDN. v80 / MS VisualStudio. v80. chs/dv_aspnetcon/html/d0 f1d2910f - 61-4541-8 af8 - c3c108ca351f. htm. No more nonsense here
Whatever is good, is bad, the biggest disadvantage of this is the increased overhead, every request to the client to filter 1 times, performance will naturally be compromised. Do not know which friend has a better way, or optimize the method, 1 to discuss
To realize the function of putting hotlinking into files:
First, add a global file Global.asax
In Application_BeginRequest, we can determine whether UrlReferre in the header of Http is from the website.
The anti-hotlinking program is actually very simple, familiar with the ASP.NET application life cycle is very easy to write 1, using HttpModule in the BeginRequest event to intercept the request on ok, the rest of the work is filtering, filtering!
If you are not familiar with HttpModule, you can look it up on MSDN. The introduction is very detailed. The address is: ms - help: / / MS. VSCC. v80 / MS MSDN. v80 / MS VisualStudio. v80. chs/dv_aspnetcon/html/d0 f1d2910f - 61-4541-8 af8 - c3c108ca351f. htm. No more nonsense here
private void Application_BeginRequest ( Object source, EventArgs e )
{
HttpApplication application = ( HttpApplication ) source;
HttpContext context = application.Context;
bool isSafe = true; // Whether the link is valid or not
string uri = context.Request.Url.AbsolutePath.ToLower (a);
if ( uri.LastIndexOf (" . "). > 0 && context.Request.UrlReferrer != null )
{
string exp = uri.Substring ( uri.LastIndexOf (" . "));
// This is to determine whether the file suffix name is included in the list of excluded file types
bool isHas = ClassLibrary.RData.RString.StrIsIncUseSC ( exp, config.ImgSafeType.Split (' |' ));
if ( isHas )
{
string domainOutter = context.Request.UrlReferrer.Authority.ToLower (a); // Contains the domain name and port
ArrayList arry = Common.Cache.GetDomainValid (a); // Takes the list of valid domain name bindings defined by the system
isSafe = arry.Contains ( domainOutter ); // Determines whether the currently requested domain name is in the legal list
}
}
// Here is the output when it is illegal, output if there is a default alternate image, and generate if there is none 1 , and the format is. gif
if (! isSafe )
{
Bitmap img = null;
Graphics g = null;
MemoryStream ms = null;
try
{
string picPath = ClassLibrary.RPath.GetFullDirectory (" images/unlawful.gif ");
if ( File.Exists ( picPath ))
{
img = new Bitmap ( picPath, false );
}
else
{
img = new Bitmap ( **, ** );
g = Graphics.FromImage ( img );
g.Clear ( Color.White );
Font f = new Font (" song style, black style, Arial " , 9,FontStyle.Bold );
SolidBrush s = new SolidBrush ( Color.Red );
g.DrawString ( Resources.Message.LawlessLink, f, s, 1, 20 );
img.Save ( picPath, ImageFormat.Gif );
}
ms = new MemoryStream (a);
img.Save ( ms, ImageFormat.Gif );
context.Response.ClearContent (a);
context.Response.ContentType = " image/Gif " ;
context.Response.BinaryWrite ( ms.ToArray ());
context.Response.End (a);
}
catch
{ }
finally
{
if ( g != null )
g.Dispose (a);
img.Dispose (a);
}
}
}
Whatever is good, is bad, the biggest disadvantage of this is the increased overhead, every request to the client to filter 1 times, performance will naturally be compromised. Do not know which friend has a better way, or optimize the method, 1 to discuss
To realize the function of putting hotlinking into files:
First, add a global file Global.asax
In Application_BeginRequest, we can determine whether UrlReferre in the header of Http is from the website.
if (HttpContext.Current.Request.UrlReferrer != null)
{
if (HttpContext.Current.Request.Url.AbsolutePath.EndsWith("jpg", StringComparison.OrdinalIgnoreCase) && HttpContext.Current.Request.UrlReferrer.Host != "localhost")
{
HttpContext.Current.Response.WriteFile(HttpContext.Current.Server.MapPath("~/jzdl.jpg"));
HttpContext.Current.Response.End();
}
}