图片地址防盗链的IHttpHandler实现方法(2)
/// <summary>
/// 输出真实文件
/// </summary>
/// <param name="response"></param>
/// <param name="context"></param>
private void real(httpresponse response,httprequest request)
{
fileinfo file = new system.io.fileinfo(request.physicalpath);
response.clear();
response.addheader("content-disposition", "filename=" + file.name);
response.addheader("content-length", file.length.tostring());
string fileextension = file.extension.tolower();
//这里选择输出的文件格式
//可以参考http://ewebapp.cnblogs.com/articles/234756.html增加对更多文件格式的支持.
switch (fileextension)
{
case "mp3":
response.contenttype = "audio/mpeg3";
break;
case "mpeg":
response.contenttype = "video/mpeg";
break;
case "jpg":
response.contenttype = "image/jpeg";
break;
case "bmp":
response.contenttype = "image/bmp";
break;
case "gif":
response.contenttype = "image/gif";
break;
case "doc":
response.contenttype = "application/msword";
break;
case "css":
response.contenttype = "text/css";
break;
default:
response.contenttype = "application/octet-stream";
break;
}
response.writefile(file.fullname);
response.end();
}
/// <summary>
/// 确认字符串是否为空
/// </summary>
/// <param name="_value"></param>
/// <returns></returns>
private bool empty(string _value)
{
if(_value == null | _value == string.empty | _value == "")
{
return true;
}
else
{
return false;
}
}
/// <summary>
/// 检查是否是非法链接
/// </summary>
/// <param name="context"></param>
/// <param name="_mydomain"></param>
/// <returns></returns>
private bool errorlink(httpcontext context,out string _mydomain)
{
httpresponse response = context.response; [来源www.iocblog.net]
string mydomain = context.request.servervariables["server_name"];
_mydomain = mydomain ;
string mydomainip = context.request.userhostaddress;
ewebapp_nolink = configurationsettings.appsettings["ewebapp_nolink"];
ewebapp_allowlink = configurationsettings.appsettings["ewebapp_allowlink"];
try
{
ewebapp_allowonlyfile = convert.toboolean(configurationsettings.appsettings["ewebapp_allowonlyfile"]);
}
catch
{
ewebapp_allowonlyfile = true;
}
if(context.request.urlreferrer != null)
{
//判定referdomain是否存在网站的ip或域名
string referdomain = context.request.urlreferrer.absoluteuri.replace(context.request.urlreferrer.absolutepath,"");
string mypath = context.request.rawurl;
if(referdomain.indexof(mydomainip) >=0 | referdomain.indexof(mydomain)>=0)
{
return false;
}
else
{
//这里使用正则表达对规则进行匹配
try
{
regex myregex ;
//检查允许匹配
if(!empty(ewebapp_allowlink))
{
myregex = new regex(ewebapp_allowlink);
if(myregex.ismatch(mypath))
{
return false;
}
}
//检查禁止匹配
if(!empty(ewebapp_nolink))
{
myregex = new regex(ewebapp_nolink);
if(myregex.ismatch(mypath))
{
return true;
}
else
{
return false;
}
}
return true;
}
catch
{
//如果匹配出错,链接错误
return true;
}
}
}
else
{
//是否允许直接访问文件
if(ewebapp_allowonlyfile)
{
return false;
}
else
{
return true;
}
}
}
}
}
http://www.cnblogs.com/zhouxujian/archive/2006/10/12/527673.html
Tag: 防盗链
文章整理:iocblog
版权申明:本站文章均来自网络,如有侵权,请联系我们,我们收到后立即删除,谢谢!
特别注意:本站所有转载文章言论不代表本站观点,本站所提供的摄影照片,插画,设计作品,如需使用,请与原作者联系,版权归原作者所有。