Go homepage(回首页) Upload pictures (上传图片) Write articles (发文字帖)
The author:(作者)delvpublished in(发表于) 2014/1/16 9:28:01 ASP.NET,防盗链源码_[Asp.Net教程]
/* * * 防盗链IHttpHandler * * * 增加了对文件关键字的选择(即仅对文件名存在某些关键字或不存在某些关键字进行过滤) * 设置web.config中节以下值 * string eWebapp_NoLink 如果文件名符合该正确表态式将进行过滤(不设置对所有进行过滤) * string eWebapp_AllowLink 如果文件名符合该正确表态式将不进行过滤(优先权高于AllowLink,不设置则服从AllowLink) * bool eWebapp_ AllowOnlyFile 如果为False,(默认true)则不允许用户直接对该文件进行访问建议为true * * * :)以下设置均可省略,设置只是为了增加灵活性与体验 * eWebapp_NoLink_Message 错误信息提示:默认为Link From:域名 * eWebapp_Error_Width 错误信息提示图片宽 * eWebapp_Error_Height 错误信息提示图片高 * * * * 垃圾猪 2005-9-11 创建 * http://ewebapp.net */
using System;using System.Web;using System.Drawing;using System.Drawing.Imaging;using System.IO;using System.Configuration;using System.Text.RegularExpressions;
namespace eWebapp{ /// /// 防盗链IHttpHandler /// 参考http://www.softat.org/archiver/tid-52114.html /// 垃圾猪 2005-9-12 修正 /// public class NoLink : IHttpHandler { private string eWebapp_NoLink = string.Empty; private string eWebapp_AllowLink = string.Empty; private bool eWebapp_AllowOnlyFile = true;
private string eWebapp_NoLink_Message = string.Empty; private bool error = false;
public NoLink() { // // TOD 在此处添加构造函数逻辑 // }
public void ProcessRequest(HttpContext context) { eWebapp_NoLink_Message = ConfigurationSettings.AppSettings["eWebapp_NoLink_Message"];
string myDomain = string.Empty;
error = errorLink(context, out myDomain);
if (Empty(eWebapp_NoLink_Message)) { eWebapp_NoLink_Message = "Link from :" + myDomain; }
if (error) { //Jpg(context.Response,eWebapp_NoLink_Message); Jpg(context.Response, eWebapp_NoLink_Message); } else { Real(context.Response, context.Request); }
}
public bool IsReusable { get { return true; } }
/// /// 输出错误信息 /// /// /// private void Jpg(HttpResponse Response, string _word) {
int myErrorWidth = _word.Length * 15; int myErrorHeight = 16; try { int _myErrorWidth = Convert.ToInt32(ConfigurationSettings.AppSettings["eWebapp_Error_Width"]); if (_myErrorWidth > 0) { myErrorWidth = _myErrorWidth; }
} catch {
} try { int _myErrorHeight = Convert.ToInt32(ConfigurationSettings.AppSettings["eWebapp_Error_Height"]); if (_myErrorHeight > 0) { myErrorHeight = _myErrorHeight; } } catch {
} Bitmap Img = null; Graphics g = null; MemoryStream ms = null; Img = new Bitmap(myErrorWidth, myErrorHeight); g = Graphics.FromImage(Img); g.Clear(Color.White); Font f = new Font("Arial", 9); SolidBrush s = new SolidBrush(Color.Red); g.DrawString(_word, f, s, 3, 3); ms = new MemoryStream(); Img.Save(ms, ImageFormat.Jpeg); Response.ClearContent(); Response.ContentType = "image/Gif"; Response.BinaryWrite(ms.ToArray()); g.Dispose(); Img.Dispose(); Response.End(); }
/// /// 输出真实文件 /// /// /// private void Real(HttpResponse response, HttpRequest request) { FileInfo file = new System.IO.FileInfo(request.PhysicalPath);
response.Clear();
response.AddHeader("Content-Disposition", "filename=" + file.Name);
response.AddHeader("Content-Length", file.Length.ToString());
string fileExtension = file.Extension.ToLower();
//这里选择输出的文件格式 //可以参考http://ewebapp.cnblogs.com/articles/234756.html增加对更多文件格式的支持.
switch (fileExtension) {
case "mp3": response.ContentType = "audio/mpeg3"; break;
case "mpeg":
response.ContentType = "video/mpeg"; break;
case "jpg":
response.ContentType = "image/jpeg"; break;
case "bmp":
response.ContentType = "image/bmp"; break;
case "gif":
response.ContentType = "image/gif"; break;
case "doc":
response.ContentType = "application/msword";
break; case "css":
response.ContentType = "text/css"; break;
default:
response.ContentType = "application/octet-stream"; break;
response.WriteFile(file.FullName);
response.End(); }
/// /// 确认字符串是否为空 /// /// /// private bool Empty(string _value) { if (_value == null | _value == string.Empty | _value == "") { return true; } else { return false; } }
/// /// 检查是否是非法链接 /// /// /// /// private bool errorLink(HttpContext context, out string _myDomain) { HttpResponse response = context.Response; string myDomain = context.Request.ServerVariables["SERVER_NAME"]; _myDomain = myDomain; string myDomainIp = context.Request.UserHostAddress;
eWebapp_NoLink = ConfigurationSettings.AppSettings["eWebapp_NoLink"]; eWebapp_AllowLink = ConfigurationSettings.AppSettings["eWebapp_AllowLink"];
try { eWebapp_AllowOnlyFile = Convert.ToBoolean(ConfigurationSettings.AppSettings["eWebapp_AllowOnlyFile"]); } catch { eWebapp_AllowOnlyFile = true; }
if (context.Request.UrlReferrer != null) {
//判定referDomain是否存在网站的IP或域名 string referDomain = context.Request.UrlReferrer.AbsoluteUri.Replace(context.Request.UrlReferrer.AbsolutePath, ""); string myPath = context.Request.RawUrl;
if (referDomain.IndexOf(myDomainIp) >= 0 | referDomain.IndexOf(myDomain) >= 0) { return false; } else { //这里使用正则表达对规则进行匹配 try { Regex myRegex;
//检查允许匹配 if (!Empty(eWebapp_AllowLink)) {
myRegex = new Regex(eWebapp_AllowLink);
if (myRegex.IsMatch(myPath)) { return false; }
//检查禁止匹配 if (!Empty(eWebapp_NoLink)) {
myRegex = new Regex(eWebapp_NoLink); if (myRegex.IsMatch(myPath)) { return true; } else { return false; }
return true;
} catch { //如果匹配出错,链接错误 return true; } } } else { //是否允许直接访问文件 if (eWebapp_AllowOnlyFile) { return false; } else { return true; } }
来源:网络
赞