Prevent direct file download ASP legacy

Is there a way?

NLConsulting

7:04 pm on Oct 11, 2006 (gmt 0)

10+ Year Member



I've been struggling with this for a few days now. I have a restricted section set up that requires a username/password to access (SQL db using legacy ASP) of which there are many u/p's. I have a few self-extracting zip files located within this protected area that I also want to be able to lock down and not allow direct access to, essentially having a download.asp scripted page that streams the file to the browser upon successful authentication. The problem is that I cannot get it to work properly with ZIP files (it has worked with a JPG) and I can't find any information on whether this is even possible with legacy ASP. I have found a ton of information on using Server.WriteFile, but that only works for ASP.NET.

I've tried the code below in various fashions, from changing the ContentType to octet-stream, to using text (ascii) instead of binary (which in case you're wondering downloads the script file, not the attachment file, then crashes IE). In the end, the files will all be protected in a non-web accessible directory with the filename being passed into the script via the URL or a post/get (not sure which yet). The example below that I've been testing with just calls upon a file located in the same directory as the script.

<%
Response.ContentType = "application/zip"
Response.AddHeader "Content-disposition","attachment;filename=myfile.exe"

Dim strFilePath

strFilePath = Server.MapPath("myfile.exe")
Set objStream = Server.CreateObject("ADODB.Stream")
objStream.Open
objStream.Type = 1 '1=binary 2=text
objStream.LoadFromFile strFilePath

Response.BinaryWrite objStream.Read

objStream.Close
Set objStream = Nothing
%>

I need some help. Any legacy ASP gurus out there?

Brad_H

8:06 pm on Oct 12, 2006 (gmt 0)

10+ Year Member



I always use "application/octet-stream" for this. Here is some sample code that works for me:


<%
Dim strFileName
strFileName = "t.zip"

Response.ContentType = "application/octet-stream"
Response.AddHeader "Content-disposition","attachment;filename=" & strFileName

Set objStream = Server.CreateObject("ADODB.Stream")
objStream.Open
objStream.Type = 1 '1=binary 2=text
objStream.LoadFromFile Server.MapPath(strFileName)

Response.BinaryWrite objStream.Read

objStream.Close
Set objStream = Nothing
%>

NLConsulting

4:15 pm on Oct 13, 2006 (gmt 0)

10+ Year Member



Well, that works fine for normal files, however it does not work for self-extracting zip files (.exe). If you transmit the file via octet-stream, Windows treats the downloaded exe file as a standard Win32 executable, not a ZIP archive. Furthermore, if you use application/zip or any variant of zip (x-zip, compressed, etc.) it is not recognized as a zip file by WinZip once it is downloaded.

I am pulling hair out...
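
The download.asp flow described in the first post (check authentication, then stream a file named in the URL from a non-web-accessible directory), as an added example that is not code from either poster. It assumes a hypothetical `Session("UserID")` set by the login page, a hypothetical `D:\protected_downloads` directory and a `file` query parameter, and it accepts only bare filenames so the parameter cannot point outside that directory.

```asp
<%@ Language="VBScript" %>
<%
Option Explicit
' Added example. Assumed names: Session("UserID"), DOWNLOAD_DIR, "file" parameter.
Const DOWNLOAD_DIR = "D:\protected_downloads"  ' assumed; must be outside the web root
Const CHUNK_SIZE = 65536                       ' bytes sent per BinaryWrite call

Dim strName, objRe, objFso, strPath, objStream

' 1. Authentication gate: refuse before touching the file system.
If IsEmpty(Session("UserID")) Then
    Response.Status = "403 Forbidden"
    Response.End
End If

' 2. Accept only a bare file name with an expected extension.
'    No slashes, backslashes, colons or ".." can pass this pattern.
strName = Request.QueryString("file")
Set objRe = New RegExp
objRe.Pattern = "^[A-Za-z0-9_-]+\.(zip|exe)$"
objRe.IgnoreCase = True
If Not objRe.Test(strName) Then
    Response.Status = "400 Bad Request"
    Response.End
End If

' 3. Build the path from the fixed directory, never from Server.MapPath of user input.
Set objFso = Server.CreateObject("Scripting.FileSystemObject")
strPath = objFso.BuildPath(DOWNLOAD_DIR, strName)
If Not objFso.FileExists(strPath) Then
    Response.Status = "404 Not Found"
    Response.End
End If

' 4. Stream in chunks so a large archive is not held in the response buffer.
Response.Buffer = True
Response.ContentType = "application/octet-stream"
Response.AddHeader "Content-Disposition", "attachment; filename=""" & strName & """"
Set objStream = Server.CreateObject("ADODB.Stream")
objStream.Open
objStream.Type = 1 ' 1 = binary
objStream.LoadFromFile strPath
Do While Not objStream.EOS
    Response.BinaryWrite objStream.Read(CHUNK_SIZE)
    Response.Flush
Loop
objStream.Close
Set objStream = Nothing
%>
```

The account that IIS runs the script under needs read access to the download directory, and nothing else in the site should map a URL onto it.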