Hi All,
I need to features added to my webservices:
1 a method to upload files:
client can send in files, currently one at a time (per request), I validate some key. and place this file in a folder on the server (I don't care where it as long as serving the file is possible via method two)
2 a method to download the most recent uploaded file (via method 1)
From all files updloaded (by method 1) I want the most recent one to be served to the client. So Client simply call GET wsGlobal\MostRecentFile and my application serves this (
File uploading/downloading is only allowed via these methods (client has to provide an api-key, that's the easy part ...), the uploading is not a problem either, I got that covered. But I'm not sure where to store the files (inside the web folder or not) and how to serve (not determine which file it is ...) a file via a webservice method, without introducing security risks.
- should I store these files inside the "\web" folder? Best not to I guess, because I can't protect folders in there. If someone guesses the foldername and filename they can fetch it with a browser (and without an api-key), right?
- how can I return a file (just as if it was fetched like any other file directly from the \web folder "below" the app) to a http(s) client via a service method. Is this what the "stringtheory" return parameter is used for? Should I "encode" this object first before it is return to the client?
Thanks in advance,
regards,
Ton
Topic: webservices : file upload and download though methods (Read 3648 times)