I am trying to enable users on a web application to download HTML strings of any URLs using ASP.NET MVC. I know that it would be very easy to download a page using the following code:
using (WebClient client = new WebClient ())
{
string code= client.DownloadString(URL);
//...
}
Now the question is whether I need to check the request for any possible or potential attacks or malwares ot etc?
P.S: How would I know what file type I am getting? If it is let's say an image file, the response (somewhere I don't know) should have the content-type. Where is it?
You can send a md5 hash of a file to Virus Total and see if a file is a known virus.
Related
I want to download a 68kb zip file using webclient and I have the error:
C# System.Net.WebException: 'Too many automatic redirections were attempted.'
About this post is a duplicated post:
The solution explained in: Why i'm getting exception: Too many automatic redirections were attempted on webclient?
Don't work to make my code below works and download the zip file.
How Can I edit to explain better ?
My code:
var url_from = "http://www1.caixa.gov.br/listaweb/Lista_imoveis_RJ.zip";
var _to = #"F:\folder\file.zip";
using (var client = new WebClient())
{
client.DownloadFile(url_from, _to);
}
I tried Async ways too but it was generated empty zip file.
Like this: How do I download zip file in C#?
and this: How can I download a ZIP file from a URL using C#?
This is caused by a bad server implementation. If you use Fiddler, you'll see that the server redirects both HTTPS and HTTP connections to the same HTTP url, adding a security=true cookie.
Calling over HTTP is particulary funny :
The first HTTP redirects to an HTTPS URL
The HTTPS redirects back to the original HTTP with the security=true cookie
If the cookie isn't there, the loop starts again
This means that :
There's no security. Anything can intercept that call and alter or replace the contents of the file. Hope you don't try to download this file over WiFi!
The server will cause an infinite redirection loop unless you store the cookie or add it yourself.
WebClient can't store cookies. It's an obsolete class created back when downloading pages and files was all that's needed. All of its functionality and much more is provided by the HttpClient class.
In this case though, you can add the cookie as a header yourself and avoid the redirections, and still download the file over HTTPS
WebClient is an obsolete class. It was created for simple file and page requests and
var url_from = "https://www1.caixa.gov.br/listaweb/Lista_imoveis_RJ.zip";
using (var client = new System.Net.WebClient())
{
client.Headers.Add(System.Net.HttpRequestHeader.Cookie, "security=true");
client.DownloadFile(url_from, _to);
}
This will result in a single call and download the file over HTTP
I'm trying to get a csv file from the following uri using C# WebClient.
var copUri ="http://obieebr.banrep.gov.co/analytics/saw.dll?Go&Path=%2fshared%2fSeries%20Estad%c3%adsticas_T%2f1.%20IBR%2f1.1.IBR_CSV_XML_ultimos_datos&download_type=csv&NQUser=publico&NQPassword=publico"
var client = new WebClient();
var content = client.DownloadString(copUri);
When I try it in my browser I get the csv file, but the above code is returning the authentication html file instead. How do I get past this html response to get the csv file?
You have pass Authorization credentials with uri.
Server rejected your request due to un-authenticate activity.
The problem was beyond the cookie awareness - the csv was compiled with javascript in the browser. Solved by using Casperjs to render the obfuscating javascript and then getting the data from the underlying instance.
Many might have had experience using File Upload widget from Yahoo User Interface library. The docs and community all know how to receive the files on the server using another server technology other than ASP.NET. If anyone has indeed used the widget in their asp.net pages could you share the code on
How to receive the uploaded files Stream/Bytes to a file.
How to check Integrity of the File
How to check if file was received correctly.
Also i would love to do it in single page because doing so i would learn how to differentiate between a normal webpage request and the one caused my file upload widget
Yahoo Upload Widget can be Found here: https://developer.yahoo.com/yui/uploader/.
Have you tried looking at postedfiles collection though? The API looks like it does a standard post. If it does, the just use that collection.
If it doesn't, then you need to use the inputstream property on the request object to read the incoming bytes.
Using something like Fiddler or firebug will tell you how it's making the request. Look for the request type being multipart/mime
edit
Checking the file integrity & whether it was uploaded correctly are pretty much impossible. The only way I can think to do it is to have the user generate a hash of the file then upload the file & the hash & you check the hash is valid. ie not really practical.
All you're getting is a stream of bytes. you have to assume when the stream ends, it ended cleanly & you got all the file.
I answered my own question with code over here.
http://labs.deeptechtons.com/asp-net-tuts/how-to-upload-files-asynchronously-using-yahoo-uploader/
I am using WebClient.UploadFileAsync to upload local files to a web server and I would also like to pass some parameters with the post as well. I would like to send a few fields that will tell the PHP code on the server specific locations on where to save the uploaded files.
I tried to put the fields directly into the url, for example:
WebClient client = new WebClient();
Uri uri = new Uri("http://example.com/upload.php?field1=test");
client.UploadFileAsync(uri, "POST", "c:\test.jpg");
The PHP code returns false for isset($_REQUEST['field1']).
Thank you for any suggestions.
NOTE: this question was also asked in very similar format for vb.net a while back, but it did not get any answers,
WebClient's UploadFile is designed to send only a file (as byte[]) as part of request. From my understanding, UploadFile method closes the request stream after writing the binaries.
In your scenario, you actually request is has two parts 1. file as byte[] 2. the file name as string.
To do this, you have to use HttpWebRequest or any other high level class capable of creating request.
Refer to the post http://www.codeproject.com/KB/cs/uploadfileex.aspx?display=Print
which does a similar job
This article goes into detail about what is needed to accomplish posting of fields while uploading files using WebClient.
Unfortunately, most file upload scenarios are HTML form based and may
contain form fields in addition to the file data. This is where
WebClient falls flat. After review of the source code for WebClient,
it is obvious that there is no possibility of reusing it to perform a
file upload including additional form fields.
So, the only option is to create a custom implementation that conforms
to rfc1867, rfc2388 and the W3C multipart/form-data specification that
will enable file upload with additional form fields and exposes
control of cookies and headers.
I would look into using the QueryString property of the WebClient to set the value of field1 (as well as any other QueryString parameters to the request).
NameValueCollection query = new NameValueCollection();
query.Add("field1", "test");
client.QueryString = query;
Reference: http://msdn.microsoft.com/en-us/library/system.net.webclient.querystring(v=VS.100).aspx
Is it possible to download files from a website using httprequest? I am only used to using it to get source code of a page. If there is no way to do it using httprequest, is there a way to download files using C# without having to use the webbrowser?
Edit: The answer must allow me to chose the location on the hard drive where the file will be downloaded to
You can absolutely use HttpRequest by getting the WebResponse and using its response stream. Alternatively, use WebClient, with its DownloadFile and DownloadData methods to make life easier.
Ultimately there's not much difference between a request which gets a binary file as a response and a request which gets some HTML as a response. In some ways a binary response is easier to deal with, as you don't need to worry about character encodings.
use a WebClient Class that wraps all of your needs to download data over http.
to get the source code of a page:
WebClient client = new WebClient ();
string src = client.DownloadString(uri);
This should work.
using (WebClient wc = new WebClient())
{
wc.DownloadFile(downloadURL, fileName);
}