Deleting Application Temp File from ASP.Net

tags:

asp.net

views:

145

answers:

Deleting Application Temp File from ASP.Net

Hi,

I have a WebPage where I am giving the option to to Export the Form data to PDF. I am creating the PDF at run time and store the PDF in a "PDF" folder which is under my application directory. After creating the PDF with the SessionID name I Call following function to show the PDF file in the new browser window:

ResponseHelper.Redirect(Response, "~/PDF/" + Session.SessionID + ".pdf", "_Blank", "");

This PDF contains the private information related to the logged in user. Therefore, I want a way to delete this PDF file once it is shown in the browser to the user. This is because the IIS server allows whole development team to view this folder which is a security risk, and we can't disallow user to view this folder on the server.

Therefore, if I could delete this file as soon as it is loaded in the browser could be a solution of this security risk.

Can anyone suggest some better ways of deleting this file as soon as possbile from the application?

Thanks, Praveen

One way is to write an ashx handler which streams the pdf to the browser, then deletes it when done.

Another, and much better way, is to simply build the PDF in memory (NOT using session) and stream it as soon as it's ready.

UPDATE

I'm doing this with a slightly modified version of iTextSharp. Basically, iTextSharp performed all of it's operations in memory, then saved the file to disk. I changed this to return the memory stream. All the code is already there, it was really just a line or two that had to change.

Then, I used a response.binarywrite to push the stream directly to the browser. viola! no files on disk.

An ashx handler is just like an aspx page, only it has one entry point and doesn't do all of the page processing garbage. It's light weight and communicates back to the browser by response.write calls.

Chris Lively 2009-07-21 05:10:52

I am using iText for creating the PDF. So is it possible to stream PDF from it without saving it on the disk? Could you please provide some sample code or any link to understand it.

2009-07-21 05:15:04

Are you using iText or a port (e.g. iText.Net, iTextSharp)?

CptSkippy 2009-07-21 05:37:21

what i guess is you are creating PDF file on runtime using Itext and then you save that PDF file in temp directory to show it to user... why don't you use

Response.WriteFile(PDFFILE);

this will write the whole file on the stream without saving it in temp folder.

xavoDev 2009-07-21 06:31:23

I am using iText.Net. Actually the code to create the file start with follwing line:PdfWriter pdfWriter = PdfWriter.getInstance(document, new FileStream(ConfigurationSettings.AppSettings["PDFFilePath"] + Session.SessionID + ".pdf", FileMode.Create));So this will always create the PDF file, After I am done I call document.close();So where should I call Respone.WriteFile() and what argument should be passed because it need filepath as the argument.

2009-07-21 07:13:54

ansaurus

tags:

views:

answers:

Deleting Application Temp File from ASP.Net

related questions