Security :: How To Disable Aspx File Modification
Apr 22, 2010
it's possible to protect aspx page from modification in a production environment?
I explain: We are developping a web application that is installed in our customers environments so once it's installed we don't manage it.
This application manages critical and encrypted data that the IT (of our customer) should not have access to, for instance their customer's password. So I would like to know if it's possible to prevent any modification of the aspx page to insert script to retrieve session data or catch keyboard entries once the web application is installed.
View 4 Replies
Similar Messages:
Oct 18, 2010
I have started to get confused with the setting and security issues of asp.net. Hope someone could answer me. Problem 1: I am curious why we have to encrypt connection string, appsetting and more in the web.config file even though file listing is set to "not allowed" on server setting. Does it mean some strangers can still view and steal such file from server? Problem 2: I know that session id is sort of protected but could
hacker be able to change the information inside ? Let say hacker browser my webpage and some data are stored in the session cookies, could they change the information inside the session cookies?
View 1 Replies
Nov 13, 2010
Is this possible to get the details like size, creationdate, modification date of a file hosted at some ftp server? I can download/upload files to ftp directory using ASP.Net but my requirment is to download the last modified file. So can we sort files of a ftp directory by modified date using ASP.Net code?
View 3 Replies
Aug 30, 2010
I am trying to save the xml file after modification in a diffrent location. the code is as belowServices.Save(Server.MapPath("~/ResourceFiles/data.xml"))I have given full control permission to the folder. Now sometimes the file saves properly and some times it does not save. OS is Windows 2003 server 64 bit.
View 2 Replies
Jun 23, 2010
I am using membership management and role management. As login controls transfer data in plain text, I am encrypting userid/password in javascript and decrypting in serverside code.
Client side javascript:
[Code]....
If i am commenting these last two lines in javascript code.
[Code]....
View 2 Replies
Jul 31, 2010
I am using file upload option in asp.net web application,how to display filename, date and time of file creation,modification date of file that we browse.
View 4 Replies
Feb 6, 2011
Is it possible to allow the rights that the user sees only certain files?
Eg.:
I have a file:
test1.aspx
test2.aspx
test3.aspx
These files have no separate in folders.I want to allow only the right to file test1.aspx.
View 1 Replies
Feb 20, 2010
I have the following webconfig file that redirects (once logged in) a specific user...but for some reason it's not seeing the redirect location. So, for some reason when john123 log's in he doesn't get sent to superUser.aspx. It's as if it's not seeing the location path.
View 3 Replies
Mar 16, 2010
I have a simple login screen that now has to receive its parameters from another web site. I am not sure what we have to do. The other web site, will get the user id and password. the person there is asking me, does he just redirect user tohttp://reports.ourwebsite.com:90/login.aspx?username=Bill&password=testthis is the codes: First is Login.aspx<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="Reports.Login" %><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> xmlns="http://www.w3.org/1999/xhtml"
>
<head runat="server">
<title>Untitled Page</title>
[code]...
View 4 Replies
Nov 19, 2010
I have a folder called /Error in the root directory for an ASP.Net site. The site is completely public, so there is no authentication of users. Inside the Error folder, I have a file called errorlog.aspx, where I log unhandled exceptions. I don't want the public to be able to view this file. I created a web.config file inside the Error folder.
[Code]....
However, I'm still able to view errorlog.aspx by typing the URL into the browser. What am I missing?
View 3 Replies
Jun 23, 2010
How can I access my GridView in Customer.aspx file from another NewUserLogin.aspx file.
How should I chnge the access to my GridView to public so that I can chnge its values from another aspx file
View 5 Replies
Mar 31, 2010
I want to pass the value to ASPX.CS file to ASPX file.
So how can i pass the value in the ASPX file.
View 8 Replies
Feb 2, 2011
I am trying to disable buttons in an aspx form. This works:
btnSave.Attributes.Add(
"onclick",
"this.disabled=true;this.value='Saving...';needToConfirm=false;" +
ClientScript.GetPostBackEventReference(btnSave, "").ToString());
But there are two buttons on the form and I want to disable both. This does not work:
btnSave.Attributes.Add(
"onclick",
"this.disabled=true;this.value='Saving...';document.getElementById(<%=btnDelete.ClientID %>).disableneedToConfirm=false;" +
ClientScript.GetPostBackEventReference(btnSave, "").ToString());
View 1 Replies
Jun 6, 2010
i would like to know if there's a combo like jCryption (jCryption) - PHP but for jQuery - ASPX.I mean, I have been searching for a combo to send data both ways (Client-server, server-client) with jQuery to ASPX. The best I found was jCryption that sends data from JavaScrpit to PHP. I need a combo to send data from JavaScrpit to ASPX.
PD: Please don't tell me to use HTTPS, it's not enough to ensure the data communication on a client - server application.
View 1 Replies
Nov 28, 2010
First of all, thank you for the attention.
I am having some trouble, I am very new to asp.net, and the last problem I had, I spent about 59 hours trying to solve, Now I have a new one !
:D well, I guess this is part of the learning process...
Well, in Visual Studio 2010, I clicked New Website. @ C# language, ... The template it gives is pretty nice, it creates a database MDF file, and a login/register setup ready to go !...
You guys can see it live AT CLICK HERE ...
Everything is working, well at least here at the local machine...
There are 2 pages in there, Default.aspX, and About.aspx ... I want to allow ONLY logged in users to view those 2 pages... I tryed a few things, added my account to a role called ADMIN,
In the web.cong I changed Allow"*" to allow"ADMIN" ... still didn't work.. Also, I was trying to avoid using roles for now, and I was trying to find a way to do this for individual pages in the same directory as well... If possible with out touching the web.config file...
View 3 Replies
Feb 10, 2010
I am able to access the controls of ".aspx" file in ".aspx.cs" directly without any declaration in ".aspx.cs" or in designer.cs. How is this possible? This is happeing only if I open website as using File System.
Create a new ASP.NET web site application with Visual Studio 2008. So following three files will be created automatically
[code]...
How btnSave is being recognized by .cs file without defining it anywhere as an object of System.Web.UI.WebControls.Button?
View 3 Replies
Jan 11, 2011
When I update a js file in my asp.net project, I refresh the browser and the change shows up as expected. If I change a css file or an .aspx file, the change does not show in the browser. Not when I clear the browser's cache, not when I restart IIS (iisrestart). What could this possibly be?
PS. I have tried chrome and firefox
View 3 Replies
Oct 5, 2010
I work in VS 2008. Whenver I add a server control(Label) and set it properties in aspx.vb and build the solution, I get the error "Label1 not declared". While analyzing this issue I noticed that the event handler statements for the Label1 where not added in the designer.asp.vb file. These statement would actually be added automatically when I drag and drop a control to my webpage.
I would also like to inform the scenario after which this problem came to me. I was working in VS 2008 , VS 2005 and VS 2003 in the same machine.Could this have caused the issue ?
Now each and everytime when I add a control, I am adding the "With Events" code in the designer page to make my build succesfull which makes me to spend more efforts.
View 2 Replies
Jun 26, 2010
i am working in asp.net and csharp, we have 10 user, but certain user only need to put dataentry. how to enable and disable based on the user to access certain form ,like add, modify view options.
View 1 Replies
Aug 18, 2010
I'm writing a simple Intranet application using windows authentication. I want to restrict access to Safe/UCantSeeMe.aspx. I am aware of the AuthorizeAttribute, but this only works on methods. I also found a good post on doing this with the MVC pattern, but I'm not using MVC. This can be done with roles in forms based security. I read on MSDN that using windows based security means roles are based on groups, but it doesn't go into any detail. how can I restrict access to Safe/UCantSeeMe.aspx?
View 1 Replies
May 4, 2010
My project is to create a UI where school districts can select dates for a school calendar.
On my calendar page I have a Calendar control, a text box for date and a select box for events. In the code behind I modified the DayRender event handler to add color to the calendar depending upon the event for that date: Holidays are green, School opens is pink, Teacher Inservice days are Aqua, etc. This all works fine. However, when I tried adding a letter to the date to correspond to the event; "O" for school open, "I" for Inservice, etc. I get multiple entries "OO", "II", etc.
[code]...
View 3 Replies
Mar 14, 2014
This project is Web Forms Web Application.
I need to allow the username to be as short as three digits while also allowing an email address to be used as the username.
Examples and documentation I come across are in C# and using MVC. I do not know MVC and I also have zero experience when it comes to security.
View 5 Replies
Apr 25, 2010
I'm trying to develop a simple web application where I need to redirect to main.aspx after successful login attempt in login.aspx page.However,it is redirecting the page to defualt.aspx... Is there a way to redirect my application to main.aspx??
View 3 Replies
Feb 10, 2011
i want to handle events that are occuring on a aspx Page specifically sharepoint webpart page .
i ddnt find anything in visual studio event receivers .
is there any way to achieve this ?
View 2 Replies
Sep 6, 2010
My requirement is that only the login page and the Register page should be accessible from anonymous users. I have created a new ASP.NET MVC project using the default template in VS2008. After that I have enabled security adding this section to the web config:
<authorization>
<deny users="?" />
</authorization>
Now the Register Action is not accessible anymore because of the security enabled. How I can do to disable security only for that Action?
View 2 Replies