Our application server has a folder used to store attachments uploaded by customer. This folder is called Attachments which is out of website, no virtual directory for this folder. I wonder how to link files of this folder.
My code is :
string vetting = "c:\\Attachments";
if (Directory.Exists(vetting +"\\"+ "UserName"))
{
DirectoryInfo di = new DirectoryInfo(vetting+"\\" + "UserName");
FileInfo[] rgFiles = di.GetFiles("*.*");
if (rgFiles.Length > 0)//thumb.db will be a file
{//list is a div on front end.
list.InnerHtml += <span class='SubTitle'>Your attachments list:</span>";
foreach (FileInfo fi in rgFiles)
{
list.InnerHtml += "<br><a href='c:/Attachments/UserName/"+fi.Name+"'>"+fi.Name+"</a>" ;
}
}
else
{
list.InnerHtml += "You don't have any attachment yet.";
}
}
But it doesn’t work, it always goes to find the client side c:/Attachments. How could I link to server side c:/Attachments? Thank you in advance.
You cannot link to those files if they’re not exposed to IIS (your web server).
Suggest 2 options to consider:
create an .ashx (ASP.NET web handler)to handle these requests. It would read the requested document (either from session, cookie, or querystring) as you see fit. Your
.InnerHtmlcan be<a href='mysite.com/bar.ashx?file=foo'>foo.xlsx</a>. You can then implement authorization checks, file name obfuscation, and a whole lot more. Read the bytes of the desired file, and return to the client.create a virtual directory under your IIS site/application. Call this vdir ‘attachments’. Warning: this lets anyone use/build/consume any link to view any attachment. Consider disabling directory browsing. Ensure that the appropriate IIS user has NTFS permissions to view this directory. Implement this if security isn’t a concern/requirement. Your
.InnerHtmlcan then be<a href='mysite.com/attachments/foo.xlsx'>foo.xlsx</a>