Question

Supposing I'm doing something like this:

Response.ContentType = "image/jpeg";
Response.AppendHeader("Content-Disposition", "attachment; filename=test.jpg");
Response.TransmitFile(Server.MapPath("~/images/original.jpg"));
Response.End();

Can any user or hacker get the "original.jpg" place of the file?

If yes, how?

Solution

It shouldn't because what the TransmitFile method does is actually write the contents of the file to the output stream; on the client, the browser doesn't know where the response came from, other than it has a file that it can download. I don't believe there is any way to get the original file folder.

Though you should always secure your folders to make sure the user is authenticated via the app by doing something like:

<location path="images">
  <system.web>
     <authorization>
        <deny users="?" />
        <allow users="*" />
     </authorization>
  </system.web>
</location>

This way, only authenticated users could possibly connect directly to the images folder via a URL. Note that unauthenticated users would then not be able to see it, so you could create a subfolder for secured images and secure that.
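
As an added example (not part of the original question or answer), here is a download handler that combines both points above: it refuses anonymous callers and streams the file with TransmitFile, so the client receives only headers and bytes. The handler name, the `id` query parameter, the id-to-file map and the `~/App_Data/images` folder are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Web;

// Hypothetical handler (e.g. wired up as Download.ashx); every name here is an assumption.
public class ImageDownloadHandler : IHttpHandler
{
    // Assumption: files are kept under App_Data, which ASP.NET does not serve by URL.
    private const string BaseFolder = "~/App_Data/images";

    // Opaque ids shown to clients -> file names on disk (constructed sample data).
    private static readonly Dictionary<string, string> Files =
        new Dictionary<string, string>(StringComparer.Ordinal) { { "a1", "original.jpg" } };

    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        // Same rule as <deny users="?" />: anonymous callers get nothing.
        if (context.User == null || !context.User.Identity.IsAuthenticated)
        {
            context.Response.StatusCode = 401;
            return;
        }

        // The client supplies only an id, never a path or a file name.
        string fileName;
        string id = context.Request.QueryString["id"];
        if (id == null || !Files.TryGetValue(id, out fileName))
        {
            context.Response.StatusCode = 404;
            return;
        }

        // Defence in depth: the resolved path must stay inside the base folder.
        string root = Path.GetFullPath(context.Server.MapPath(BaseFolder));
        string full = Path.GetFullPath(Path.Combine(root, fileName));
        bool inside = full.StartsWith(root + Path.DirectorySeparatorChar,
                                      StringComparison.OrdinalIgnoreCase);
        if (!inside || !File.Exists(full))
        {
            context.Response.StatusCode = 404;
            return;
        }

        // Only these headers and the file bytes reach the browser, not the server path.
        context.Response.ContentType = "image/jpeg";
        context.Response.AppendHeader("Content-Disposition", "attachment; filename=test.jpg");
        context.Response.TransmitFile(full);
    }
}
```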

License: CC-BY-SA with attribution
Not affiliated with StackOverflow