无知者无畏，今天遇到一个问题，需要自定义下载文件名，以前在asp中写过，马上把原来代码翻出来了
<%
Dim Stream
Dim Contents
Dim FileName
Dim FileExt
Const adTypeBinary = 1
FileName = Request.QueryString("FileName")
'response.write FileName& request("filetitle")
'response.end
if FileName = "" Then
    Response.Write "无效文件名."
    Response.End
End if
' 下面是不希望下载的文件
FileExt = Mid(FileName, InStrRev(FileName, ".") + 1)
Select Case UCase(FileExt)
    Case "ASP", "ASA", "ASPX", "ASAX", "MDB"
        Response.Write "受保护文件,不能下载."
        Response.End
End Select
' 下载这个文件
'Response.Clear
Response.ContentType = "application/octet-stream"
Response.AddHeader "content-disposition", "attachment; filename=" & request("filetitle")
Set Stream = server.CreateObject("ADODB.Stream")
Stream.Type = adTypeBinary
Stream.Open
Stream.LoadFromFile Server.MapPath(FileName)
While Not Stream.EOS
    Response.BinaryWrite Stream.Read(1024 * 64)
Wend
Stream.Close
Set Stream = Nothing
Response.Flush
Response.End
%>

这样可以防止别人看到文件下载的物理路径，同时也可部分的实现安全下载，在c#里也改了一下
/// <summary>
/// 下载文件
/// </summary>
/// <param name="userID">用户ID号</param>
/// <param name="fileName">要下载的文件名</param>
/// <returns>成功与否</returns>
public static ReturnInfo DownloadFile(string userID,string fileName)
{
 if(fileName.Length<4)
  return new ReturnInfo(0,new Exception("文件名错误！"));
 System.Web.HttpResponse Response = System.Web.HttpContext.Current.Response;
 System.Web.HttpServerUtility Server = System.Web.HttpContext.Current.Server;
 string filePath = Server.MapPath("UserSpace")+"/"+userID+"/"+fileName+".aspx";
 FileInfo file = new FileInfo(filePath);
 if(!file.Exists)
  return new ReturnInfo(0,new Exception("没有找到要下载的文件！"));
 Response.Clear();
 Response.AddHeader("Content-disposition","attachment;filename="+fileName.Replace(".aspx",""));
 Response.AddHeader("Content-length",file.Length.ToString());
 Response.ContentType = "application/octet-stream";
 Response.WriteFile(file.FullName);
 Response.End();

 return new ReturnInfo(true);
}