Preventing Files from Being Downloaded in Asp.Net.

HttpForbiddenHandler class is used to prevent certain file types from being downloaded over the Web. This class is used internally by ASP.NET to prevent the download of certain system level files.

New to Office 365 SharePoint Online? Get Office 365 Enterprise E3 Subscription & Try out all the features

Read some more Asp.Net tutorials:
– Steps to archive log files using NLog with ASP.NET Core

– How to set up session state in our ASP.NET Core and MVC Core Web applications?

– Get control value using JavaScript with a master page in Asp.Net

To use the HttpForbiddenHandler to prevent a particular file type from being downloaded, refer below.

Create an application mapping in IIS for the specified file type to map it to Aspnet_isapi.dll.

a. On the taskbar, click the Start button, click Programs, click Administrative Tools, and then select Internet Information Services.

b. Select your application’s virtual directory, right-click, and then click Properties.

c. Select Application Settings, click Configuration.

d. Click Add to create a new application mapping.

e. Click Browse, and select c:\winnt\Microsoft.NET\Framework\v1.0.3705\aspnet_isapi.dll.

f. Enter the file extension for the file type you want to prevent being downloaded (for example, .xyz) in the Extension field.

g. Ensure All Verbs and Script engine is selected and Check that file exists is not selected.

h. Click OK to close the Add/Edit Application Extension Mapping dialog box.

i. Click OK to close the Application Configuration dialog box, and then click OK again to close the Properties dialog box.

Add an <HttpHandler> mapping in Web.config for the specified file type.
An example for the .xyz file type is shown below.

<add verb=”*” path=”*.xyz” type=”System.Web.HttpForbiddenHandler”/>

Check out Best Alternative to InfoPath -> Try Now


(Installation & Features)

About Bijay Kumar

I am Bijay from Odisha, India. Currently working in my own venture TSInfo Technologies in Bangalore, India. I am Microsoft Office Servers and Services (SharePoint) MVP (5 times). I works in SharePoint 2016/2013/2010, SharePoint Online Office 365 etc. Check out My MVP Profile.. I also run popular SharePoint web site

View all posts by Bijay Kumar →