Read and Display Binary Data
In many cases you may have files that you don't want a Web User to have access to when they visit your site. If these files are for clients only, you don't want somebody to be able to "hack" your pages and find out directory or filename structure.The only real way to secure these files is to store them outside the web directory.
"Doesn't this defeat the purpose of sharing files over the web", you say?
Normally it probably would but in this case its the perfect( well almost ) scenario for securing your files.
The method I use for securing files is by using a Component to read the binary file from a directory and then write it back to the web browser.
There is also a link to the MSKB about this
The Code
<% 'On Error Resume Next If Not Response.isClientConnected Then Response.end End If Response.buffer = true 'Specify a MIME type such as "text/html", "image/gif" or "application/pdf" Response.contenttype = "application/msword" 'Useful in cases for unknown file types 'Response.contenttype = "application/octet-stream" 'Custom server component Set objBinFile = Server.CreateObject("ASPBinFile.clsASPBinFile") 'Beware of cases of file name in case some systems differentiate them mFile = "c:\inetpub\wwwroot\test\serverop.doc" mStream = objBinFile.BinFileRead(mFile) Response.Addheader "Content-Disposition", "inline; filename=" & "ado.pdf" 'Response.Addheader "Content-Disposition", "inline; filename=" & "serverop.doc" Response.CacheControl = "public" Response.binarywrite mstream Set objBinFile = Nothing Response.End %>As you can see the code is very small.
You need to set your MIME type so that the browser knows what kind of file this is. If you are serving multiple kinds of files I would write a case statement to handle all the MIME types and for the CASE ELSE you can use octet-stream.
Octet-Stream is the catch-all datatype. If you look in your web server's properties under MIME types you will likely see a long list with MIME types and their associated applications. For Octet-Stream you will see all or *. This is because octet-stream is the straight binary and will just let you download or open the file. Kind of like writing it straight to the browser.
mFile is the variable you will need to set the path in. What I would do here is hardcode the main path into your asp page and then just Response.Write your filename into the page.
You will also need to create your instance of the BinaryRead/Write object I have created.
Below I have also included the code for the Component I wrote to handle the Binary Read portion of this article. This is a simple ActiveX Dll. Just open VB and name the Project File - ASPBinFile and the Class File - clsASPBinFile.
Option Explicit Function BinFileRead(ByVal inFileSpec As String) As Variant On Error GoTo errHandler Dim mHandle Dim lngFileLen As Long Dim arrData() As Byte mHandle = FreeFile Open inFileSpec For Binary Access Read As #mHandle lngFileLen = FileLen(inFileSpec) ReDim arrData(lngFileLen) Get #mHandle, , arrData Close #mHandle BinFileRead = arrData Exit Function errHandler: End Function
binary data asp read and display
