we were all recently alerted by scottgu with this security vulnerability. [URL] I'm wondering, since I've been redirecting errors via Global.asax on the Application_Error event, I was wondering if that can suffice the fix for this issue or do I still need to place a setting on the web.config?
When I open my ASP.NET site in IIS and try to open the .NET Trust Levels, I get an error message:
.NET Trust Levels There was an error while performing this operation.
Details: Filename: ?C:inetpubwwwrootmyappweb.config Line number: 445
Error: This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"),or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false".
I've checked a few places, but I haven't found anything that seems like it would be locking that setting. Is there a systematic way of determining where that setting is locked?
I am running into a problem with a web.config in a child project that has the same connection string setting as a parent. We have this in several of our web apps but there is one case where we want a child not to use the parent web.config. Is there a setting or command in the child web.config to ignore the parent web.config?
My hosting provider just changed the trust level to medium but I cant figureout where to place the configuration on the web.config file! I have spent hours trying to figureout with no luck. here my web.config file
I have one requirement that i have to place the log file in the same directory of solution. That is my solution is placed in [drive]workProject1solution file. But i have to create my log file to [drive]workProject1Loglog.log. How it can be set in app.config file.
This might sound a bit dumb. I always had this impression that web.config should store all settings which are suspect to change post-build and setting.settings should have the one which may change pre-build.but I have seen projects which had like connection string in setting.settings. Connection Strings should always been in web.config, shouldnt it?I am interested in a design perspective answer.Just a bit of background:My current scenario is that I am developing a web application with all the three tiers abstracted in three separate visual studio projects thus every tier has its own .settings and .config file.
I'm using a flash app to upload images (EAFlashUpload - http://www.easyalgo.com/eaflashupload.aspx) which works great, but there's a problem.For reasons beyond my understanding, if a theme (page theme = "white") is declared in the web.config, it doesn't work correctly; even if there is nothing in the theme folder at all! Oddly though, it's happy if the theme is set at the page level. Problem is, I don't want to have to hard code the page theme into every page. Is there another place I can set the page theme? I've tried in the code behind of the master page (pre_int), and also adding a web user control with some code behind to the master page.
How can I change an application setting within a web.copnfig programmatically with C# (from another application, which configures the web-application)? The following code snipped doesn't work, because AppSettings[...] is readonly!
I have a Silverlight control that is hosted within an ASP.NET application. The Silverlight control has a web service reference. The URL of this service is going to vary when we install the application for our customers. I need a way to be able to change this web service reference URL from within the web.config of the ASP.NET application. How can I do this?
I did a couple google searches about this and am not finding anything, so I thought I'd ask here. I'm working on our internal CMS and I noticed that we're getting live data back when doing debugging because of our web services instead of the dev data that I wanted. It doesn't do this on our dev CMS website, but we're trying to do all our development on localhost. Is there any way to set up an environment variable in our web config for the URL so that the CMS points to the dev database instead of live database that is referenced in the wsdl files?
I'm having some trouble setting the ExecutionTimeout element in my applications web.config. My page is making a lengthy webservice call and times out after 110 seconds. (the default I believe). I set the value to 220, and make sure the compilation debug=false.
Does the compilation setting refer to when IIS/ASP.net compiles the ASPX pages when a client requests them, or does it refer to the visual studio compile process there the assemblies are created. Would using an assembly built using debug in visual studio still allow the above settings to work?
A client is unable to use my webpart because he is behind a proxy server and they need to specify a username and password to get past the proxy. I have this in my config file right now:
I have some pages that need user to sign in. If not, I need to redirect user to signin page. I know this can be done by using some code like"<system.web><authorization><deny users="?"/></authorization></system.web>" in web.config.
But can I just write some code to do the same function?
like in page load method, I can check whether user is sign in, if user is not signed in yet, how can I redirect user to the login page by using code? and how can I stop sending the content of the page to user?
i just have asp.net mvc 3 beta installed, and i get an issue with loginUrl.
my little project works fine with asp.net mvc 3 preview, but now it always ignores my loginUrl setting in web.config and always redirects me to ~/Account/Login.
i follow the instructions, install WebPages first then mvc 3 beta.
This is a yellow page which is not user friendly and we didn't expect . I'm wondering setting customeError in webconfig doesn't support this type of address or not ? How can i prevent users seeing this yellow page . Edit : solution you mentioned are about configuring IIS ,But as i mentioned earlier , my site has been published on shared hosting provider . I don't have those access at IIS , What should i do at this situation ?
I have my theme for each folder set in the web.config, but on design I have no access to the css or skins for that page unless I add them in the page directive, then upon rendering in html, the page shows 2 references to the same css file.
So for design purpose do I have to reference the file, then delete the references after I finish designing the page? why does the editor not recognize the web.config and reference the proper theme?
i am working on an application ,i have hosted on server. everything going fine . i have added a code to set session timeout in webconfig . but its expire default time .
I implemented the Location tag in the web.config file to authorize the anonymous users for Images folder. I deployed the code in IIS6.0 with Forms authentication mode enabled for the virtual directory. I disabled all other authentication modes. When I browse the login page, Images are not displaying. When I set Anonymous authentication in IIS6.0 for the Image folder, it works fine.
We had a UAT and Production version of a .NET web application. UAT was taking around 5 seconds to run a particular operation while Prod was taking 35+ seconds.
This even happened when pointing both web applications at the same database and putting them both on the same machine.
The culprit was finally found to be the following entry, which was in the Prod but not UAT web.config
<trust level="High" originUrl="" />
why this would cause such a significant performance degradation??
I'm working on different windows machines and virtual windows machines on a mac. I have a project wich uses SQL server and AD for autentication.
Right now I have to be connected to VPN so that the asp.net web application can connect to AD using LDAP string to autentivate users, I also have the SQL server on the other side of the VPN connection.
Is there any way to setup my enviroment so that I can work locally without the AD, and on a local SQL server and be able to publish the project without manually changing the web.config file?