Most of my experience is with classic ASP, pleased excuse my ignorance…
I have a series of HTML files in a secure folder at the same level as the the web site's root. Users will login and be able to access only the files appropriate to them. I will generate a series of links to these files for the user in question (once they have logged in) and they will click on the link to view a particular file. I don’t have much control over the web server so I’d prefer not to get involved in manipulating permissions.
If the files are placed in a secure folder like this, my understanding is that I will be able to reference that folder in code using a local windows path but that the files will not be accessible by direct reference from a browser. When the user clicks a link, therefore, my logic will call a .aspx page passing the filename in the query string.
When the .aspx page is called, the code will double check that the user is logged in and the file is available to him/her. The question I have is how do I open and render the file once I have retrieved its name from the query string? I presumably cannot do a Response.Redirect as I assume that will require the page to be available within the folder structure under the web site’s root and that it will not accept a local path. Do I have to read the file content in code and render it by, for example, assigning it to an asp label control? If so, the problem I potentially have is the fact that the HTML files in question are “stand-alone” – i.e. they have their own <html>, <head>, <title> tags and if I try to render in this way I could confuse the browser somewhat.
Would server.transfer offer a more viable alternative?
If possible, I’d like to open the referenced in an HTML file in a new window. Am I asking too much?
Or am I missing something very simple!?
I have a series of HTML files in a secure folder at the same level as the the web site's root. Users will login and be able to access only the files appropriate to them. I will generate a series of links to these files for the user in question (once they have logged in) and they will click on the link to view a particular file. I don’t have much control over the web server so I’d prefer not to get involved in manipulating permissions.
If the files are placed in a secure folder like this, my understanding is that I will be able to reference that folder in code using a local windows path but that the files will not be accessible by direct reference from a browser. When the user clicks a link, therefore, my logic will call a .aspx page passing the filename in the query string.
When the .aspx page is called, the code will double check that the user is logged in and the file is available to him/her. The question I have is how do I open and render the file once I have retrieved its name from the query string? I presumably cannot do a Response.Redirect as I assume that will require the page to be available within the folder structure under the web site’s root and that it will not accept a local path. Do I have to read the file content in code and render it by, for example, assigning it to an asp label control? If so, the problem I potentially have is the fact that the HTML files in question are “stand-alone” – i.e. they have their own <html>, <head>, <title> tags and if I try to render in this way I could confuse the browser somewhat.
Would server.transfer offer a more viable alternative?
If possible, I’d like to open the referenced in an HTML file in a new window. Am I asking too much?
Or am I missing something very simple!?