Security :: Viewing Files In A Directory By Typing Path Into Url?
Apr 14, 2010
I have a directory that holds some images for my site. I have noticed that if i put in the my web sites address followed by "/directoryname/imagename.jpg"
it displays the image i have in that directory. Is there anyway to disable this or stop this from happening? so that the images can not be displayed like this
View 4 Replies
Similar Messages:
Apr 7, 2010
I have directories in my website which require authentication.
But when i type the url with the directory name it lets me see the files but doesnt allow access as users need to login.
How can i stop users viewing files if they manually type directory name in?
View 5 Replies
Sep 3, 2010
I have some images and text files that are used by web pages that are available to anonymous users and therefore those files can be viewed directly from a browser.
Is there a way to avoid this and allow the files to be viewed only when a page in the web site calls it ?
View 2 Replies
Feb 3, 2010
I have a page that shows a list of the files in an upload directory. ie: My customer uploads a file through my web page and the file ends up in the proper directory. When I click on a file name, the url path is missing the directory name. It's as if my customer uploaded directly to my root. Interestingly, when I upload a file through the same web page, the path remains intact and I am able to click on the link and download the file. How can I get the proper path in my url name. Here is my code .
[Code]....
View 1 Replies
Dec 17, 2010
I wrote a chat client 1-1 but I need a way to be able to detect if the user is typing and display "UserA is typing message..." just like MSN messenger or yahoo messenger.. how can I detect that?
View 2 Replies
Jan 21, 2010
I want to view the existing files in a directory which is "~/Images". Now the code below works fine and it shows the files (with its name and other details) in this directory very well in a data grid. The name is a hyperlink, but when I click on it, it tries to view the file in "~" (i.e current working directory) instead of "~/Images" and therefore reports the server error as - "file not found".
Also, how to implement if I want the save as option when I click on the file, so that I could save it directory locally instead of viewing it in browser?
VB Code-
Imports System.IO
Partial Class uploaddoc
Inherits System.Web.UI.Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
Dim dirInfo As New DirectoryInfo(Server.MapPath("~Images"))
articleList.DataSource = dirInfo.GetFiles("*.gif")
articleList.DataBind()
End Sub
End Class
HTML (ASP.NET) Code -
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="uploaddoc.aspx.vb" Inherits="uploaddoc" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<%@ Import Namespace="System.IO" %>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:DataGrid runat="server" id="articleList" Font-Name="Verdana"
AutoGenerateColumns="False" AlternatingItemStyle-BackColor="#eeeeee"
HeaderStyle-BackColor="Navy" HeaderStyle-ForeColor="White"
HeaderStyle-Font-Size="15pt" HeaderStyle-Font-Bold="True">
<Columns>
<asp:HyperLinkColumn DataNavigateUrlField="Name" DataTextField="Name"
HeaderText="File Name" />
<asp:BoundColumn DataField="LastWriteTime" HeaderText="Last Write Time"
ItemStyle-HorizontalAlign="Center" DataFormatString="{0:d}" />
<asp:BoundColumn DataField="Length" HeaderText="File Size"
ItemStyle-HorizontalAlign="Right"
DataFormatString="{0:#,### bytes}" />
</Columns>
</asp:DataGrid>
</div>
</form>
</body>
</html>
View 1 Replies
Apr 5, 2011
I need to stop people using the URL bar to get inside secure folders with web pages in when logging in , ive used roles and security trimming and have a site map which resticts users to see only the pages they are entitled to view.
View 1 Replies
May 10, 2010
I have zip files in one directory . I want to iterate through all files and check the file size. If file size <>0 kb then want to move to another directory. How can I do that?
View 6 Replies
Apr 24, 2010
I will have my asp.net site on a shared hoster. Whats the best way to prevent others hacking and viewing my code? The code I most want to secure is in usercontrols and some more code is in class modules. vb.net/MSVS2005/Ajax) Or do I secure the whole site? I also here some encypting code tools cant handle sophisticted code. Also does encryption slow down code and make the site harder to manage...
View 4 Replies
Jan 30, 2010
I used Directory.GetCurrentDirectory(); and got the following path:
C:Program FilesMicrosoft Visual Studio 9.0Common7IDE
But where I am realy at is c:c#mvcmyProject
How do I get the current directory in a controller not in c:Program Files...?
View 3 Replies
Mar 1, 2010
My basic question is, can a virtual directory in IIS point to a physical path that's not on the local machine? For instance, right now I have a virtual path /NaturalGasReport/NYMEX which points to physical path C:Program Files (x86)NymexSettleNATGAS_REPORTNYMEX, but I want it to point to a physical path on a difference PC on the same network. Is this possible? (I know I can just try it out so I apologize for asking but I thought it would be best to get an explanation along with "yes" or "no"). If you want more detail, this is what I need to do. To make a long story short, because of a vendor product we are using that won't run on a 64-bit operating system, I have to run a program called Generate_NGReportData.vbs (it's a vbscript program) on a PC I will call 28. It uses a vendor product which produces jpg files which are graphs of the Natural Gas market. The machine where I wish it could run is called RTEST01 but this machine runs a 64-bit OS and the components won't work there. RTEST01 has the databases. So, I created a datasource on 28 which points to RTEST01's database. The vbs program will read the data, generate the reports, and write one row to a database table on RTEST01. RTEST01 has to run the complimentary program which sends these reports (via email). 28 is not an email server so it can't email the reports. So on RTEST01 I will run Send_NaturalGasReport.vbs. This program creates an email body of html. The html references [URL]NaturalGasReport/NYMEX/" & Day(nymex_update_dt) & ".jpg which is a virtual directory pointing to C:Program Files (x86)NymexSettleNATGAS_REPORTNYMEX. I need it to point to the folder and files on 28.So if my initial question has a simple yes answer then I am all set. If not, examine my architecture and propose an alternative solution.
View 10 Replies
Dec 2, 2010
I'm trying to deploy my web project to my local IIS server (C:inetpubwwwrootlunchbox). By default the in is created inside the project directory - i.e lunchboxin. This setup, however, gives me the following error when I try to open the site:
When I move the in directory outside the project root (i.e C:inetpubwwwrootin), the site opens up just fine. I'm also able to test the web project from Visual Studio without any issues.
Can someone tell me why I have to move the in directory outside the project root to make the site work? What can I do to not have to do this?
View 4 Replies
Jan 21, 2010
i have a asp.net web application and i need to take a full Directory path (for ex: http:\<server><websitename>folder1 est.lst) and parse the name of the folder that has test.lst file. The directory tree can vary and i just need a generic way to parse this path and find the directory name which has the file.
View 2 Replies
Jun 1, 2010
I have a page where im listing out the files within a directory. How can i get the path to the files that are listed?
in other words, i want the path to the file to be like this:
http://server.com/files/pdfs/mypdf.pdf
but using this string url = Request.RawUrl.ToString(); returns [ http://server.com/files/pdfs/default.aspxMYPDF.PDF ]
That file is actually within a sub directory of the pdfs folder. So the link is obvisously not correct. Ive tried other suggestions found online, but those return the link like this [ http://server.com/files/pdfs/MYPDF.PDF ] again missing the subdirectory it actually belongs to.
View 8 Replies
Aug 8, 2012
I am using File upload control to upload image and store images in database
When i browse the image
My file path is D:sampleSlide1.JPG
How to i get the folder nameĀ ie 'sample' from above path?
View 1 Replies
Nov 18, 2010
To start with then we have a LinkButton whose text is actually an image tag. The image it links to is a Png and resides in a folder in the web directory. This is IIS V6 and win Server 2003.
The path is [URL]
Admin is a virtual directory configured in IIS.
The above url doesn't work but if you change it to [URL] (lowers case 'a') then the image is served, change it back to 'A' and it takes you to login, you log in and it loops back to log in. change to 'a' and voila the image is served. Weirdly this problem doesn't always occur and I have hunted for a resolution for days to no avail.
As requested this is the complete link button
<asp:LinkButton ID="lnkCommitAll" runat="server" CausesValidation="false"><asp:Image ID="imgCommitAll" runat="server" ImageUrl="~/Images/Grid/confirm_16.png" AlternateText="Commit All Changes" /> Commit All</asp:LinkButton>
View 1 Replies
Nov 17, 2010
I am trying to profile the number of "Anonymous Requests" for an ASP.NET web application using perfmon. When I select this key, I have to pick a process of the form _LM_W3SVC_#_ROOT. How do I map the IIS metabase path back to the web application?
View 1 Replies
Mar 5, 2011
I have created a setup for my application which is having both website and desktop application. i m supposed to changes connection string in both the config files at runtime. i used following code :
[code]...
View 2 Replies
Mar 18, 2010
I created a virtual directory in the Visual Web Developer, according to this post:
[URL]
I want the user to upload / download documents in the mvc app to that virtual directory. When a document is uploaded, I'm specifying the path to the document to be stored for later retrieval like so:
~/VirtualDirectoryName/FileContent.docx. But when I try to open that as a link in th app,using ResolveUrl, it appends the port number after localhost like so,[URL], I get a document not found, since it really should be, [URL].
View 1 Replies
Jan 5, 2011
In my ASP.NET's Web Config file I have the following location elements defined:
<location path="">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
<location path="dir1">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
<location path="dir2">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
The example above is specifying that all directories will be locked down to anonymous users except the two directories dir1 and dir2. I'm curious if there is a syntax that I can use that will allow me to define more than one directory within one location element. For example, it would be convenient if we could do something like this...
<location path="dir1,dir2,etc">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
View 1 Replies
Nov 18, 2010
I have an image ItemTemplate within a FormView, where the ImageUrl is the photo_file_name. However, I want to add "~/uploads/" at the begining of the photo_file_name.
Below is the code:
[Code]....
So for example, if the photo_file_name is Jellyfish.jpg I want it, the ImageUrl to be ~/uploads/Jellyfish.jpg without having to change the photo_file_name in the DB.
View 4 Replies
Feb 15, 2011
I have a javacript file (script.js, for example) in the following location:
/Website/Shared/Js/script.js
I have two pages which use this javascript, but each one of them seems to require a different path and I can't figure out how to resolve both of them.
One of them is the page:
/Website/One/Two/Three/page.aspx and this requires the path:
<script src="../../../Shared/Js/script.js" type="text/javascript"></script>
The other page is:
/Website/One/Two/page.aspx and this requires the path:
<script src="../../Shared/Js/script.js" type="text/javascript"></script>
I tried to come from the root by doing
<script src="../Shared/Js/script.js" type="text/javascript"></script>
or
<script src="/Shared/Js/script.js" type="text/javascript"></script>
but none of these seem to work. The temp solution I have found is to declare the script twice which is dumb, but that is all I can think of now.
View 2 Replies
Aug 16, 2012
I have folder in my system.
How to get folder path from my C# console application?
View 1 Replies
Sep 21, 2010
I'm using urlrewriting to rewrite my url. Let me introduce my problem by bellow example: Here is old url: http://localhost/test/pages.aspx?pageid=1 I have 2 cases to rewrite:
http://localhost/test/url-rewriting-get-start.aspx
http://localhost/test/url-rewriting/get-start.aspx
The first case is ok, but I would like to use the second case. In this case I must use root path for image, css and object tag (for flash):
With image, I modified to: <image src="~/images/icon.jpg" runat="server"/>
With css, I modified in head tag: <head runat="server">
But with the object tag, I don't know how to set root for the data, movie parameter:
<object data="anim/head.swf?xmlPath=./menu_flash.html" type="application/x-shockwave-flash" width="962" height="228">
<param name="movie" value="anim/head.swf" />
<param name="quality" value="high" />
View 2 Replies
Jan 19, 2011
I have a standard FileUpload control, which calls a class library, where the file becomes HttpPostedFile. In beta versions of my page, I've been able to successfully use HttpContext.Current.Server.MapPath(filename)to save the file. The class library does various functions, including saving the image into /uploads and a thumbnail into/thumbs.
But now, after tidying up the layout of the site, the upload aspx page has moved to a subdirectory 'members'. I had assumed (wrongly) that calling the upload function would act as normal. However, now I receive an error because of where the page is originating from: The code wants to save the file in the non-existant folder /members/uploads and /members/thumbs
My question is: Apart from hard-coding the directory structure of my hosting provider, is there any way to use an equivilent to server.mappath which will recognise the root path of the website, and ignore sub-folders?
One method which solves my problem is to append "../" to the start of the file location, eg HttpContext.Current.Server.MapPath("../" & filename) ...However, as many pages will be able to call the upload class library (and not all of them in a sub-folder) I want to make sure I'm not always back-tracking on the subfolders.
View 2 Replies