How to specify multiple paths in one location element in web.config:, a
<location path="Images">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
We would like to add styles and images to location, e.g. location path="images, styles". Is it possible to put multiple paths in location element (and how)?
Now since i'm securing the site i've noticed that the location element does not get much attention.The only thing i have found is that you can use <location path="" allowOverride="false"> on machine.config .I'm not sure how this goes but if you need to use this one every page then i will have multiple problems.First if i have a page with the same name on another website there is trouble and also if i need to update pages again problem.What i'm not sure of is if the location element on machine.config i just used once and then magically every site you have will throw an exception if a hacker changes you web.config.I have doubts and it's confusing and if i play with the server web.config,well i don't wanna mess with that.
So i also tried to encrypt the location element but i cannot find an example(can you encrypt it?).I can encrypt authorization and authentication but i will not go inside the location element.Just the standard authorization and authentication nodes.How can i secure the web.config location element so no hacker can change the allow,deny,etc.
[URL]
In my ASP.NET's Web Config file I have the following location elements defined:
<location path="">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
<location path="dir1">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
<location path="dir2">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
The example above is specifying that all directories will be locked down to anonymous users except the two directories dir1 and dir2. I'm curious if there is a syntax that I can use that will allow me to define more than one directory within one location element. For example, it would be convenient if we could do something like this...
<location path="dir1,dir2,etc">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
I'm looking at an asp.net application, i notice that there are assemblies defined into two places. In web.config there is configuration/system.web/compilation/assemblies/add elements. In the project file there are references setup under the Project/ItemGroup/Reference elements.
I was wondering, what is the difference between assemblies/references added in either location?
I use ASP.NET routing to rename the full paths of my URLs (ie. /page1/page2/file.aspx would just become /file.aspx). This doesn't work with web.config authorization, because that uses physical path/folder names.
View 1 Repliesgot a folder named profile with about 4 pages in it. i used this tag to protect the directory but it only works if i go www.mysite.com/profile. if i specifically try to go to a page like www.mysite.com/profile/mypage.aspx it lets me in and doesn't block my access or drive me to the login page as it's supposed to
<location path="profile">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
Let's imagine you have an asp.net page in front of you full of input elements, user controls and panels etc. And you are asked to modify a specific textBox and you do not know where that textBox stands in your project. Most of the time I use FireBug and try to see the Id of that element but it is not the best way all the time. So, What is the fastest way you believe that can be used to locate the source file that houses a specific html element in your web project?
View 2 Repliestoday i tried to work with a testing site in server. but i got an error like this
XML Parsing Error: no element found
Location: http://iamrenjith.co.cc/Home.aspx
Line Number 1, Column 1:
I have a sitemap, and i'm using nested repeaters to display the parent and child nodes for my breadcrumbs.I have 3 pages: Home, Hub, and Search.Each of these pages can navigate to each other. In other words:
Home> Hub
Home> Search
Home> Hub > Search
Home> Search > Hub
Home > Default
The most common path would be "Home > Hub" and Home > Search > HubHowever, I can't seem to figure out how to show this on my breadcrumbs, since you can't have multiple ULR's in the Sitemap. Right now, you can only go "Home > Hub". If you go from "Search" to "Hub...it should show "Home > Search > Hub" in the breadcrumbs.
i have a table that contains 3 forign keys, 2 of them from the same table when i make Delete Rule Cascade,this error message appears
'Customers' table saved successfully
'Order' table
- Unable to create relationship 'FK_Order_Customers1'.
Introducing FOREIGN KEY constraint 'FK_Order_Customers1' on table 'Order' may cause cycles or multiple cascade paths. Specify ON DELETE NO ACTION or ON UPDATE NO ACTION, or modify other FOREIGN KEY constraints. Could not create constraint. See previous errors. what is solution,as i want when i delete data from master table ,all dependent (child) data automatically deleted, so i use Cascade.
My WebApp is part CMS, and when I serve up an HTML page to the user it typically contains relative paths in a.href and img.src attributes. I currently have them accessed by urls like: ~/get-data.aspx/instance/user/page.html -- where instance indicates the particular instance for the report and "user/page.html" is a path created by an external application that generates the content. This works pretty reliably with code in the application's BeginRequest method that translates the text after ".aspx" into a query string, then uses Context.RewritePath(). So far so good, but I've just tripped over something that took me by surprise: it appears that if any of the query string ("instance/user/page.html") happens to contain a plus sign ("+") the BeginRequest method is never called, and a 404 is immediately returned to the user.
So my question is two-fold:
Am I correct in my belief that a "+" would cause the 404, and if so are there other things that could cause similar problems? Is there a way around that problem (perhaps a different method than BeginRequest)? Is there a better way to preserve relative URL paths for generated content than what I'm using? I'd rather not require site admins to install a 3rd party rewrite tool if I can help it.
My web.config has following settings :
Code:
<authentication mode="Forms">
<forms loginUrl="SignIn.aspx" >
</forms>
[code]....
and different settings for a folder - "user" inside root.
( same config file )
Code:
<location path="User">
<system.web>
<authorization>
[code]....
but when use the statement
Code:
Server.Transfer("~/user/somepage.aspx")
in code behind , the control goes to somepage.aspx instead of SignIn.aspx.
We have an application that is making use of the location tag in the web.config file at the machine level - meaning like :WindowsMicrosoft.NETFrameworkv2.0...CONFIGweb.config, the one that applies to the whole server - this application has lots of virtual directories under it and for each one there is a <location path="IIS Web App NameCustomerA">...This seems to work ok for that app. But then we have a second app on the same server, and I'd like to add location tags to that app's web.config file - meaning the local web.config file in the app's directory - and have each one of them specify a location tag in a similar way
View 1 RepliesI wanted to impose specific timeout interval and request length on some specific pages that uploads documents of size up to 50MB. Hence I did the following config changes after going through some sites.
<location path="Upload.aspx" >
<httpRuntime maxRequestLength="51200"/>
<httpRuntime executionTimeout="36000"/>
</location>
I keep getting error when I run the application. I tried various other ways like giving the complete path like <sitename>/<applicationname>/<v.folder name>/<filename>.I tried this on both IIS 6.0 and IIS 7.0.
In my ASP.Net application I'm using URL routing.
The url format is somewhat like: [URL] To allow users to visit the login and recovery page, I've added the following entries to my web.config:
[code]....
Is there a form of notation so that I can skip the en-GB part and replace it with a wildcard? I want the login and recovery page etc. to be available regardless of the culture.
When I add this in my web.config
[Code]....
I creating a page where our clients can view advertising images and then able to download the images in different file formats. So I need the images and the different download types all saved into the same row in the database so that when I go to display them on the page when they select a picture the right download links will be there. So here where my problem comes in, I don't know how to code it so that I can insert mulitiple file paths into the database at once. The images are saved in a table called images. The downloads are saved in a table called Image Downloads.
Here is the code for the page I have it coded to submit the images to the database but not sure how to add the rest. I have got three different sql datasources for each table not sure if that's the way to go.
[Code]....
This is part of my web.config
<location path="Secure">
<system.web>
<authorization>
<allow users="SecureUsers" />
</authorization>
</system.web>
</location>
I want to be able to search for path of Secure and find out the user role that is specified. My input is the path, such as "Secure" and the value I'm trying to retrieve is "SecureUsers".
Is it possible to have location authorization nodes in a web.config be external?
Such that I could take all of the nodes simlar to
[code]....
And move them outside of the web.config or something simlar? I find these nodes at an extreme amount of noise to a web.config when they're relatively static. Normally my approach would be to config source something like this but since it falls under the root node I'm not sure of it's possible with these nodes.
I'm looking to deploy a web app and I have a simple question about the <location> tag of the web.config file. For the moment, I want all the pages to be password protected and I've created a simple login page with the login object. I've put all my .aspx file in a directory called AppMyPages and I've put this in the config file:
<location path="AppMyPages">
<system.web>
<authorization>
<allow roles="tester" />
[code]...
Where do I find the machineKey config section for ASP.NET?
I don't have one in my application Web.config, there isn't one in the root Web.config and there isn't one in my machine.config.
Does this mean there is some other default hardcoded into ASP.NET? If so, what are the defaults? (For .NET 2 and 4)
Having read this: [URL]
i was expecting to find something like this, somewhere:
<machineKey
validationKey="AutoGenerate,IsolateApps"
decryptionKey="AutoGenerate,IsolateApps"
/>
Edit: the 1.1 docs seem fairly clear wrt default values: [URL] but the 4 docs are rather ambiguous [URL]
I want to be able to determine if the web.config element <compilation defaultLanguage="vb" debug="false" /> if the property is debug is set to true or false. Public Shared Function isDebug() as Boolean
View 1 Replieslook at the attached web.config? The last part doesn't seem to work although the path is correct. I've tried logging on the site with a use which is in no groups, but it can still access the page...
[Code]....
I have the following authorization settings in my web.config:
[Code]....
This deny's all anonymous access to the application accept the login page. In addition to this I am using authorization within each controller action via a custom authorize attribute.
I have one additional action that I would like to expose publicly in addition to the login page. This action does not have the authorize attribute on it. I have tried to make this view (resetPassword view) public by using the location tag in the web.config file like so:
[Code]....
In the path attribute above I have tried both the view as well as the action path, but it doesnt allow public access to the action.
I have even tried to put this view in a separate folder within the shared folder and put a separate web.config file to make that folder public like so:
[Code]....
None of the above configuration allow me to make this particular action (view) public. Can anyone suggest any other solutions, or what I may be doing wrong in this case?
I have my theme for each folder set in the web.config, but on design I have no access to the css or skins for that page unless I add them in the page directive, then upon rendering in html, the page shows 2 references to the same css file.
So for design purpose do I have to reference the file, then delete the references after I finish designing the page? why does the editor not recognize the web.config and reference the proper theme?
