/**//*
*
* 防盜鏈ihttphandler
*
*
* 增加了對文件關鍵字的選擇(即僅對文件名存在某些關鍵字或不存在某些關鍵字進行過濾)
* 設置web.config中<appsettings>節以下值
* string ewebapp_nolink 如果文件名符合該正確表態式將進行過濾(不設置對所有進行過濾)
* string ewebapp_allowlink 如果文件名符合該正確表態式將不進行過濾(優先權高于allowlink,不設置則服從allowlink)
* bool ewebapp_ allowonlyfile 如果為false,(默認true)則不允許用戶直接對該文件進行訪問建議為true
*
*
* :)以下設置均可省略,設置只是為了增加靈活性與體驗
* ewebapp_nolink_message 錯誤信息提示:默認為link from:域名
* ewebapp_error_width 錯誤信息提示圖片寬
* ewebapp_error_height 錯誤信息提示圖片高
*
*
*
* 垃圾豬 2005-9-11 創建
* http://ewebapp.net
*/
using system;
using system.web;
using system.drawing;
using system.drawing.imaging;
using system.io;
using system.configuration;
using system.text.regularexpressions;
namespace ewebapp
...{
/**//// <summary>
/// 防盜鏈ihttphandler
/// 參考http://www.softat.org/archiver/tid-52114.html
/// 垃圾豬 2005-9-12 修正
/// </summary>
public class nolink : ihttphandler
...{
private string ewebapp_nolink = string.empty;
private string ewebapp_allowlink = string.empty;
private bool ewebapp_allowonlyfile = true;
private string ewebapp_nolink_message = string.empty;
private bool error = false;
public nolink()
...{
//
// todo: 在此處添加構造函數邏輯
//
}
public void processrequest(httpcontext context)
...{
ewebapp_nolink_message = configurationsettings.appsettings["ewebapp_nolink_message"];
string mydomain = string.empty;
error = errorlink(context,out mydomain);
if(empty(ewebapp_nolink_message))
...{
ewebapp_nolink_message = "link from :" + mydomain;
}
if(error)
...{
//jpg(context.response,ewebapp_nolink_message);
jpg(context.response,ewebapp_nolink_message);
}
else
...{
real(context.response,context.request);
}
}
public bool isreusable
...{
get
...{
return true;
}
}
/**//// <summary>
/// 輸出錯誤信息
/// </summary>
/// <param name="response"></param>
/// <param name="_word"></param>
private void jpg(httpresponse response,string _word)
...{
int myerrorwidth = _word.length*15;
int myerrorheight = 16;
try
...{
int _myerrorwidth = convert.toint32(configurationsettings.appsettings["ewebapp_error_width"]);
if(_myerrorwidth > 0 )
...{
myerrorwidth = _myerrorwidth;
}
}
catch
...{
}
try
...{
int _myerrorheight = convert.toint32(configurationsettings.appsettings["ewebapp_error_height"]);
if(_myerrorheight > 0 )
...{
myerrorheight = _myerrorheight;
}
}
catch
...{
}
bitmap img=null;
graphics g=null;
memorystream ms=null;
img=new bitmap(myerrorwidth,myerrorheight);
g=graphics.fromimage(img);
g.clear(color.white);
font f=new font("arial",9);
solidbrush s=new solidbrush(color.red);
g.drawstring(_word,f,s,3,3);
ms=new memorystream();
img.save(ms,imageformat.jpeg);
response.clearcontent();
response.contenttype="image/gif";
response.binarywrite(ms.toarray());
g.dispose();
img.dispose();
response.end();
}
/**//// <summary>
/// 輸出真實文件
/// </summary>
/// <param name="response"></param>
/// <param name="context"></param>
private void real(httpresponse response,httprequest request)
...{
fileinfo file = new system.io.fileinfo(request.physicalpath);
response.clear();
response.addheader("content-disposition", "filename=" + file.name);
response.addheader("content-length", file.length.tostring());
string fileextension = file.extension.tolower();
//這里選擇輸出的文件格式
//可以參考http://ewebapp.cnblogs.com/articles/234756.html增加對更多文件格式的支持.
switch (fileextension)
...{
case "mp3":
response.contenttype = "audio/mpeg3";
break;
case "mpeg":
response.contenttype = "video/mpeg";
break;
case "jpg":
response.contenttype = "image/jpeg";
break;
case "bmp":
response.contenttype = "image/bmp";
break;
case "gif":
response.contenttype = "image/gif";
break;
case "doc":
response.contenttype = "application/msword";
break;
case "css":
response.contenttype = "text/css";
break;
default:
response.contenttype = "application/octet-stream";
break;
}
response.writefile(file.fullname);
response.end();
}
/**//// <summary>
/// 確認字符串是否為空
/// </summary>
/// <param name="_value"></param>
/// <returns></returns>
private bool empty(string _value)
...{
if(_value == null | _value == string.empty | _value == "")
...{
return true;
}
else
...{
return false;
}
}
/**//// <summary>
/// 檢查是否是非法鏈接
/// </summary>
/// <param name="context"></param>
/// <param name="_mydomain"></param>
/// <returns></returns>
private bool errorlink(httpcontext context,out string _mydomain)
...{
httpresponse response = context.response;
string mydomain = context.request.servervariables["server_name"];
_mydomain = mydomain ;
string mydomainip = context.request.userhostaddress;
ewebapp_nolink = configurationsettings.appsettings["ewebapp_nolink"];
ewebapp_allowlink = configurationsettings.appsettings["ewebapp_allowlink"];
try
...{
ewebapp_allowonlyfile = convert.toboolean(configurationsettings.appsettings["ewebapp_allowonlyfile"]);
}
catch
...{
ewebapp_allowonlyfile = true;
}
if(context.request.urlreferrer != null)
...{
//判定referdomain是否存在網站的ip或域名
string referdomain = context.request.urlreferrer.absoluteuri.replace(context.request.urlreferrer.absolutepath,"");
string mypath = context.request.rawurl;
if(referdomain.indexof(mydomainip) >=0 | referdomain.indexof(mydomain)>=0)
...{
return false;
}
else
...{
//這里使用正則表達對規則進行匹配
try
...{
regex myregex ;
//檢查允許匹配
if(!empty(ewebapp_allowlink))
...{
myregex = new regex(ewebapp_allowlink);
if(myregex.ismatch(mypath))
...{
return false;
}
}
//檢查禁止匹配
if(!empty(ewebapp_nolink))
...{
myregex = new regex(ewebapp_nolink);
if(myregex.ismatch(mypath))
...{
return true;
}
else
...{
return false;
}
}
return true;
}
catch
...{
//如果匹配出錯,鏈接錯誤
return true;
}
}
}
else
...{
//是否允許直接訪問文件
if(ewebapp_allowonlyfile)
...{
return false;
}
else
...{
return true;
}
}
}
}
}
新聞熱點
疑難解答
圖片精選
