hide links form end user

Question

0.00/5 (No votes)

See more:

i have a web page in which there is the options for downloading word documnet.
what i did , i create one tag from c# and set its href link to word document like bellow:

 StringBuilder sb = new StringBuilder();
sb.Append("<a");>
sb.Append("href='");
sb.Append("http://www.mydomainName/doc1.doc' >");
sb.Append("");
Label l = new Label();
l.Text = sb.ToString();
form1.Controls.Add(l);

so once page will render and end user if saw source page then he/she would be able to view that word document link but i dont want any end user to see my link
can u tell me how i can do this

Posted 10-Aug-11 21:16pm

spydeehunk

Updated 10-Aug-11 21:17pm

Wendelius

v2

Add a Solution

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Christian Graus · Answer 1 · 2011-08-10T21:18:00

Solution 1

This makes no sense at all. If you don't want them to see a link, don't render it. What other option is there ?

Also, your way of doing this is nuts. Why would you add a Label at random and fill it with HTML ? Why not put a literal in the right place on the form and populate that, or even a hyperlink ?

Posted 10-Aug-11 21:18pm

Christian Graus

Comments

spydeehunk 11-Aug-11 3:26am

this is demo code only that i thought. definetly first i would hyperlink on form first that will set from code behind. my main concern is to hide url that i want to secure because it is only avaible for registered user.

Christian Graus 11-Aug-11 3:39am

I think that Dave has given you a correct answer. But there was no way anyone would get that as the obvious thing you were asking. The code you posted was all useless. You just needed to explain that you wanted to use a URL that was not the real URL for the file. But even that doesn't help, b.c either way, only your registered users will see the URL, the most you can hope to do, is hide your file structure from registered users to make them less able to guess the path to other files they may not be allowed to have. I'd use a HTTP Handler so that the URL passed in includes validation of the user's details, so that it would only serve files that user is allowed to have.

OriginalGriff · Answer 2 · 2011-08-10T21:21:00

Solution 2

I have to agree with Christian - what you are doing does not make a lot of sense.

What are you trying to achieve, that you think this will help?

Posted 10-Aug-11 21:21pm

OriginalGriff

Comments

spydeehunk 11-Aug-11 3:33am

this is demo code only that i thought. definetly first i would hyperlink on form first that will set from code behind. my main concern is to hide url that i want to secure because it is only avaible for registered user

OriginalGriff 11-Aug-11 3:39am

If it is only supposed to be available to registered user, then the first thing to do is make sure you are using a proper login system that will not allow non-logged in users to access "private" pages - normally this is a case a putting them into a directory structure with the appropriate web.config settings - you know that already, I assume.
Then just check if the user is authorised and don't add it to the page if they aren't! Don't try to hide things on a page, because (as you also probably know) a quick right click followed by "view source" will give them any information they want, authorized or not...

spydeehunk 11-Aug-11 4:33am

but these links are in database and so any user can copy that url and typed it in browser later n get that document even if i did the proper authentication and autherization

OriginalGriff 11-Aug-11 5:06am

No, the whole idea of authentication is that the user must be logged in correctly in order to access the restricted pages.
And if the links are in the database, just don't server them up to a web page unless the user is correctly authorized.

spydeehunk 11-Aug-11 5:12am

what if end user copy that url after sucessful login and type that URL in browser later.

OriginalGriff 11-Aug-11 5:18am

If he is logged in, (i.e. you haven't logged him out, his login hasn't expired and he hasn't closed his browser) then he will get to the page. You could prevent this by looking at the "referrer" parameter, but that would annoy me (and probably other users) who bookmark particular pages and expect a login page to come up if needed.
If he isn't logged in, then the login page automatically comes up, and he then gets to the page afterwards.
Similar to the way eBay works: Goto "My eBay" if you are logged in and you get there, try when you aren't and you must log in first. These are all features of getting the authentication process right - which isn't difficult, you just have to follow the instructions on MSDN! :laugh:

spydeehunk 11-Aug-11 5:01am

can i use Handler here its just my thought is it possible or not.

**Dalek Dave** · Answer 3 · 2011-08-10T21:33:00

I think you mean that you do not want the URL showing in the address bar, is that right?

If so there are several methods.

This method does an urlrewrite...

XML

<system.web>
    <urlMappings enabled="true">
       <add url="~/home.aspx" mappedUrl="~/index.aspx?pid=01" />
       <add url="~/contacts.aspx" mappedUrl="~/index.aspx?pid=02" />
       <add url="~/sales.aspx" mappedUrl="~/index.aspx?pid=03" />
    </urlMappings>
</system.web>

Obviously you need to adjust the pages and titles to your own needs.