
Thread: how to secure a download?

  1. #1

    Thread Starter
    I'm about to be a PowerPoster! kleinma's Avatar
    Join Date
    Nov 2001
    Location
    NJ - USA (Near NYC)
    Posts
    23,373

    how to secure a download?

    ok this is sort of a 2 parter

    On our website we offer a pay then download option....

    now is there any way to secure the exe file that is on the website to prevent unauthorized downloading before a customer has paid?

    Currently the file sits at a directory like this

    http://www.mysite.com/payfiles/thefile.exe

    now if a person simply types this in the browser.. they will get the file.. so I am looking for a way to prevent that (which is number 1)

    currently what I do is after they pay there is a confirmation page, which has a button to download the exe, on this button click is a response.redirect to the exe download, which does not change the location of the webbrowser (which is good) and does not seem to add the location of this exe to the history or anything, but I am unsure if this is 100% secure. (which is number 2)

    I know sites offer this so there must be a secure way to do it...

  2. #2
    Frenzied Member dj4uk's Avatar
    Join Date
    Aug 2002
    Location
    Birmingham, UK Lobotomies: 3
    Posts
    1,131

    Re: how to secure a download?

    Create an ASP.NET file that first checks a payment has been made and, if allowed, streams the file to the browser (set the MIME type as octet stream to force the save as dialog to appear) - if it isn't paid for then display an error.

    If you made the ASP.NET page accept posted form parameters from the payment page including the file name then going directly to the download link URL would do nothing as these parameters would not be available.

    HTH

    DJ

    If I have been helpful please rate my post. If I haven't tell me!

  3. #3

    Thread Starter
    I'm about to be a PowerPoster! kleinma's Avatar
    Join Date
    Nov 2001
    Location
    NJ - USA (Near NYC)
    Posts
    23,373

    Re: how to secure a download?

    I found an article on streaming files for the exact reason I need to, but it requires some extra config on the server.

    Basically a directory that exists outside of the WWW root, but has full permissions from the ASPNET account so it can stream the file. I am not sure if my webhost will do this for me, but there is a possibility.

  4. #4
    Frenzied Member TomGibbons's Avatar
    Join Date
    Feb 2002
    Location
    San Diego, CA Previous Location: UK
    Posts
    1,345

    Re: how to secure a download?

    Quote Originally Posted by kleinma
    I found an article on streaming files for the exact reason I need to...
    I don't suppose you could share the link to that article could you?

  5. #5

    Thread Starter
    I'm about to be a PowerPoster! kleinma's Avatar
    Join Date
    Nov 2001
    Location
    NJ - USA (Near NYC)
    Posts
    23,373

    Re: how to secure a download?

    Quote Originally Posted by TomGibbons
    I don't suppose you could share the link to that article could you?
    sure I can.... just paypal me 1,000,000 gold pirate doubloons




    or you can click the FROG


  6. #6
    Frenzied Member TomGibbons's Avatar
    Join Date
    Feb 2002
    Location
    San Diego, CA Previous Location: UK
    Posts
    1,345

    Re: how to secure a download?

    Thank you

  7. #7
    Frenzied Member dj4uk's Avatar
    Join Date
    Aug 2002
    Location
    Birmingham, UK Lobotomies: 3
    Posts
    1,131

    Re: how to secure a download?

    If the files are outside the WWW root then the ASPNET account needs read access to do the following: http://www.c-sharpcorner.com/Code/20...chdownload.asp.

    However if you can download the files just by providing a link then it tends to suggest the necessary read permissions are already there! The ASP.NET download page would still be inside the WWW root.

    DJ

    If I have been helpful please rate my post. If I haven't tell me!

  8. #8

    Thread Starter
    I'm about to be a PowerPoster! kleinma's Avatar
    Join Date
    Nov 2001
    Location
    NJ - USA (Near NYC)
    Posts
    23,373

    Re: how to secure a download?

    but if the exe is within the www folder, then it can be accessed by typing the url into the browser...

  9. #9
    Frenzied Member dj4uk's Avatar
    Join Date
    Aug 2002
    Location
    Birmingham, UK Lobotomies: 3
    Posts
    1,131

    Re: how to secure a download?

    Only if you know the URL and if you don't make this available to the user then it'll be just guesswork to get the file.

    e.g.
    instead of giving a link to http://www.mydomain.com/files/file.exe
    you would pass "/files/file.exe" in a hidden field in a form post to http://www.mydomain.com/source/download.aspx so download.aspx would know the location of the file from the Request.Form object but it would not be available in the URL.

    If you are paranoid that someone might open the previous page to grab the file URL from the hidden field then you could encrypt it so the hidden field is unreadable and then decrypt it in download.aspx.

    Hope that makes sense.

    DJ

    If I have been helpful please rate my post. If I haven't tell me!

  10. #10

    Thread Starter
    I'm about to be a PowerPoster! kleinma's Avatar
    Join Date
    Nov 2001
    Location
    NJ - USA (Near NYC)
    Posts
    23,373

    Re: how to secure a download?

    no i understand that... but there are apps out there that monitor URL navigations... so even if i don't expose it.. there are still ways to see where exactly they are being redirected to.

    We sell software that is expensive, and I cannot leave security holes in a web app that even if only by guess work can expose direct links to the applications. I'll get fired

    and with the help of a few tools, it would turn guess work into simple one time operation for someone to get the link.

    bottom line is when you navigate to a file, even from a response.redirect or any other method of hiding the actual URL from the user, they technically still connect to the url to download it... streaming seems to be the only fool proof way to get around this problem.

  11. #11
    Frenzied Member dj4uk's Avatar
    Join Date
    Aug 2002
    Location
    Birmingham, UK Lobotomies: 3
    Posts
    1,131

    Re: how to secure a download?

    If you stream the file rather than redirect to it then the URL will not be available as it will be a byte stream.

    True it's not 100% secure - you are correct you would have to store the files outside the WWW root with only access to the ASPNET account to ensure no-one guesses the location.

    DJ

    If I have been helpful please rate my post. If I haven't tell me!

  12. #12

    Thread Starter
    I'm about to be a PowerPoster! kleinma's Avatar
    Join Date
    Nov 2001
    Location
    NJ - USA (Near NYC)
    Posts
    23,373

    Re: how to secure a download?

    Quote Originally Posted by dj4uk
    If you stream the file rather than redirect to it then the URL will not be available as it will be a byte stream.
    right...

    i have an email into my host now to see if they can set this up for me..

  13. #13
    I wonder how many charact
    Join Date
    Feb 2001
    Location
    Savage, MN, USA
    Posts
    3,704

    Re: how to secure a download?

    Why not just implement an HttpHandler?

    When the customer has paid - you can set an expiring cookie or (probably better), a value in some database table.

    When the user requests the file - the handler will check the database to see if the user has proper permissions to download the file, if they don't, it redirects them to a 'Sorry' page. If they have permissions, it doesn't touch the request object and allows it to pass through as desired.

    So even if they have a url monitor, it won't do them much good, because the httpHandler will always kick in on any request to those files.

    If you wish for an example, I'll get one written for you over the weekend. (Just moved and don't have the desktop set up yet).
    Last edited by nemaroller; Apr 29th, 2005 at 04:30 PM.
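
An added example (not code from any poster in this thread) that combines the suggestions above: an ASP.NET handler that checks a signed, expiring token bound to the logged-in user and the product, then streams the file from a folder outside the WWW root. The class name, folder, product table, key and token format are assumptions, as is the use of Forms authentication; the client only ever sends a product id, never a file path.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using System.Web;

// Added example: every name, path and the token format are assumptions.
public class DownloadHandler : IHttpHandler
{
    const string Root = @"D:\private\downloads";       // outside the WWW root
    static readonly Dictionary<string, string> Files =  // product id -> file name
        new Dictionary<string, string> { { "prod1", "thefile.exe" } };
    // Placeholder key: load a random secret from protected configuration.
    static readonly byte[] Key = Encoding.UTF8.GetBytes("REPLACE-WITH-RANDOM-SECRET");
    public bool IsReusable { get { return true; } }

    static string Sign(string payload)
    {
        using (var h = new HMACSHA256(Key))
            return Convert.ToBase64String(h.ComputeHash(Encoding.UTF8.GetBytes(payload)));
    }

    // Called by the confirmation page once payment is recorded; goes in a hidden field.
    public static string IssueToken(string user, string id, DateTime expiresUtc) =>
        expiresUtc.Ticks + "|" + Sign(user + "|" + id + "|" + expiresUtc.Ticks);

    public static bool IsValid(string token, string user, string id, DateTime nowUtc)
    {
        string[] p = (token ?? "").Split('|');
        long ticks;
        if (p.Length != 2 || !long.TryParse(p[0], out ticks)) return false;
        string want = Sign(user + "|" + id + "|" + ticks);
        int diff = want.Length ^ p[1].Length;           // compare without early exit
        for (int i = 0; i < want.Length && i < p[1].Length; i++) diff |= want[i] ^ p[1][i];
        return diff == 0 && ticks > nowUtc.Ticks;       // authentic and not expired
    }

    public void ProcessRequest(HttpContext ctx)
    {
        string id = ctx.Request.Form["id"] ?? "", file;
        if (!ctx.User.Identity.IsAuthenticated || !Files.TryGetValue(id, out file) ||
            !IsValid(ctx.Request.Form["token"], ctx.User.Identity.Name, id, DateTime.UtcNow))
        { ctx.Response.StatusCode = 403; return; }      // no file, no path hints
        ctx.Response.ContentType = "application/octet-stream";
        ctx.Response.AddHeader("Content-Disposition", "attachment; filename=\"" + file + "\"");
        ctx.Response.TransmitFile(Path.Combine(Root, file));
    }
}
```

Because the token is an HMAC over user, product and expiry, reading or replaying the hidden field from another account or after the expiry time yields a 403, and the exe has no URL of its own to guess.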

  14. #14
    Frenzied Member Magiaus's Avatar
    Join Date
    Mar 2002
    Location
    swamp land
    Posts
    1,267

    Re: how to secure a download?

    this is just my crazy idea but, maybe you could put the file in a database. or even more fun make its name a GUID (no .exe, no .*) and keep it in the www and just grab it through a page and Respose.SaveTOOutPutStrem, set the type of the page to exe. just like turning a page into an image
    Magiaus

    If I helped give me some points.
