Handlers in ASP.NET

HTTP Handlers is a new technique presented in ASP.NET that was not present in the “Classic ASP”. HTTP Handlers are components that implement the System.Web.IHttpHandler interface. Unlike ASP.NET pages Handlers dont have HTML-markup file, no events and other supporting. All they have is a code-file (written in any .NET-compatible language) that writes some data to the server HTTP response.

ASP.NET handlers have “.ashx” file extension (unlike pages, that have “.aspx” file extension).

Handlers are considered to be more lightweight object than pages. That’s why they are used to serve dynamically-generated images, on-the-fly generated PDF-files and similar content to the web-browser.

One such scenario which may arise in any product is that if  I owe a site and I want to restrict the user from downloading a file if he/she is not logged in. But if the user (not logged) is allowed to see the url of the downloading file then he can just copy the url and paste it in another tab and he can easily download the file from there, i.e. my protection mechanism failed. Now here comes the use of handlers.

The handlers will restrict the user to even view  the url of the file to be downloaded unless he is logged in.

How to create the Handlers in ASP.NET in Visual Studio 8.0.

First step is to create new project-

Step 1) Open Visual Studio an Goto – File Menu ->New -> Project.

Step 1
Step 1

Step 2) Now new window will open then select  Web -> ASP.NET Web Appliction. Then rename it and click ok.

Step 2
Step 2

Step 3) Now we have to add the Handler (Don’t call it the page, its all different thing) Follow the steps to include the handler in the current project.

First Right Click on the Solution Explorer -> Add -> New Item ->

Step 3

Step 4) Then new window will be displayed. Then select the Generic Handler and rename it then click on Add–>


ASP.Net Handlers
Step 4

Step 5) Now open the Default.asp page in Design view and design the form as required using Button Tool from toolbox.

Step 5
Step 5

Step 6) Then write the following code on the click event of both the buttons in Default.aspx.cs page (Just double click on the buttons and it will automatically generate the block in source page)

protected void btnWoutSecurity0_Click(object sender, EventArgs e)
     Response.Redirect("LinkSecurty.ashx?isSecure = 1");
protected void btnWoutSecurity_Click(object sender, EventArgs e)
Step 7) Now open the Handler which we have created earlier i.e. LinkSecurity.aspx.cs  and write the following code–
public class LinkSecurity : IHttpHandler
     public void ProcessRequest(HttpContext context)
        if (context.Request["isSecure"] == null)
            context.Response.ContentType = "text/plain";
            context.Response.Write("You are not Logged In.... Please Login to access this page...");
            context.Response.ContentType = "image/png";
      public bool IsReusable
      {   get{return false;}


  1. Just want to say what a great blog you got here!
    I’ve been around for quite a lot of time, but finally decided to show my appreciation of your work!

    Thumbs up, and keep it going!


Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.