I am calling an API with anonymous access allowed

Basit Nisar 40 Reputation points
2023-05-11T13:56:14.2833333+00:00
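/// <summary>
        /// Streams the help video whose database record has the given <paramref name="ID"/>.
        /// </summary>
        /// <remarks>
        /// The action is marked <c>[AllowAnonymous]</c>, so any caller who can reach the route can
        /// request any ID. Obscuring or encrypting the ID does not by itself restrict access; if
        /// some videos must not be public, that needs an authorization check or a signed,
        /// expiring link that is validated in this action.
        /// </remarks>
        /// <param name="ID">Key passed to <c>db.HelpContents.Find</c>.</param>
        /// <returns>
        /// The file as <c>video/mp4</c> through <c>ProgressiveDownload</c>; 404 when the record,
        /// its file name or the file is missing, or when the stored name resolves outside the
        /// help folder; 500 when an exception is caught.
        /// </returns>
        [AllowAnonymous]
        [HttpGet]
        [Route("api/HelpVideo/{ID}")]
        [ResponseType(typeof(HttpResponseMessage))]
        public HttpResponseMessage GetHelpVideo(int ID)
        {
            try
            {
                HelpContent obj = db.HelpContents.Find(ID);

                // An unknown ID presumably yields null here (DbSet.Find semantics - confirm).
                // Answer 404 rather than dereferencing null and reporting a 500.
                string FileName = obj == null ? string.Empty : obj.FileName;
                if (string.IsNullOrEmpty(FileName))
                {
                    return this.Request.CreateResponse(HttpStatusCode.NotFound, new { Status = Global.Status.NotFound.ToString(), Message = Global.StatusMessage.NotFound });
                }

                FileProvider = new FileProvider(0, Global.FileLocationType.HelpDocument);
                if (!FileProvider.Exists(FileName))
                {
                    return this.Request.CreateResponse(HttpStatusCode.NotFound, new { Status = Global.Status.NotFound.ToString(), Message = Global.StatusMessage.NotFound });
                }

                string rootPath = HttpContext.Current.Server.MapPath(ConfigurationManager.AppSettings[AppSettingsKey] + "/Help/");

                // Path.Combine discards rootPath when the second argument is rooted, and ".."
                // segments can climb out of it. The name comes from the database, not the URL,
                // but this endpoint is anonymous, so resolve the path and require it to stay
                // under the help folder before opening anything.
                string helpRoot = Path.GetFullPath(rootPath);
                if (!helpRoot.EndsWith(Path.DirectorySeparatorChar.ToString(), StringComparison.Ordinal))
                {
                    helpRoot += Path.DirectorySeparatorChar;
                }

                string videoPath = Path.GetFullPath(Path.Combine(helpRoot, FileName));
                if (!videoPath.StartsWith(helpRoot, StringComparison.OrdinalIgnoreCase))
                {
                    return this.Request.CreateResponse(HttpStatusCode.NotFound, new { Status = Global.Status.NotFound.ToString(), Message = Global.StatusMessage.NotFound });
                }

                var vidFile = File.OpenRead(videoPath);
                try
                {
                    // On success the stream is handed to the response (assumed to be disposed
                    // with it - confirm in ProgressiveDownload).
                    return new ProgressiveDownload(Request).ResultMessage(vidFile, "video/mp4");
                }
                catch
                {
                    // Do not leave the file handle open when the response cannot be built.
                    vidFile.Dispose();
                    throw;
                }
            }
            catch (Exception ex)
            {
                Global.InsertException(ex);

                // NOTE(review): MessageDetail returns raw exception text to unauthenticated
                // callers, which can expose paths and other internals. The exception is already
                // logged above; consider a fixed message here once clients no longer read the
                // detail. Left unchanged to keep the response shape.
                return this.Request.CreateResponse(HttpStatusCode.InternalServerError, new { Status = Global.Status.Invalid.ToString(), Message = Global.StatusMessage.Invalid, MessageDetail = ex.Message + (ex.InnerException == null ? "" : ex.InnerException.Message) });
            }
        }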
I need to encrypt the ID parameter. How can I do that?
ASP.NET

1 answer

  1. Bruce (SqlWork.com) 57,166 Reputation points
    2023-05-11T21:23:42.06+00:00

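    If you use GUIDs instead of an int, the IDs are harder to guess. Being hard to guess is not an access check, though: with anonymous access, anyone who obtains the value can still request the video.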

    If the user is picking from a web page where you display the link, then you would encrypt the ID and an expiration date into a base64url string using any encryption you like.

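    Then, when you decrypt, you can check whether the link is too old and reject it if so. A value that fails to decrypt, or that has been altered, should be rejected in the same way.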
