we can download other site css like right clikc their websites and we can see the css src / js src, then if we providee that filename in the address bar then it'll download, how to avoid this?
View 2 RepliesI've developed a file browser that will browser a different server shared folder. In order to get this working I'm using the unc path (\ServerSharedFolder) to return the files/folders. I've also added the following to my webconfig to get around the security <identity impersonate="true" userName="domainadmin"
password="password" />
It's simply a file browser, no create or delete functions will occur. The solution works and what I want to know is that this the safest way to do this? or the best way? I did try to use a virtual directory instead of unc path but asp.net would support this.
In asp.net c# , i want to implement auto website browsing i.e. when the user enters his user id and password on login page, the login button should be clicked automatically and a new browser should open and then the page should be redirected to desired page and then on the new page another linkbutton gets clicked and again redirect and so on.
View 1 RepliesI have directories in my website which require authentication.
But when i type the url with the directory name it lets me see the files but doesnt allow access as users need to login.
How can i stop users viewing files if they manually type directory name in?
I have a web page where I am denying anonymous users from accessing. In the web site I have a folder called FileManager. In the web app the usres have the ability to uploaded files and when they do a folder gets created under the filmanger and the files are saved. I have created a web.config in this folder that denies anonymous users. The problem is if the user knows the directory structure they can type in the url of the site add /FilManager/x/x/NameOfFile, where x are the sub directories. If the file is an image it shows the image in ie, if it is a .xls or .doc or what ever they get the prompt to either download or save the file. What am I doing wrong. Will the web.config file not stop an anonymous user from access files? I put a webpage in the folder and it is blocked and the user gets sent to the login screen, but files seem to be unsecured.
How do I block anonymous users from being able to access the files in this folder?
What i want to do is code in Global.asax file to check if current date is greater than EndDate(appsetting) it will block access to rest of the pages as what happens when using [Code]....
Moreover it will be a licencing system which will block the application after its EndDate that will be mentioned in web.config.
[Code]....
[Code]....
I know how to impersonate a user for the entire site but how best to impersonate for a block of code; WindowsImpersonationContext or NetworkCredential?
And how would this code look like?
have a project where there are main 3 types of users i have to block them from accessing other pages but without using roles or membership is there any other way to do the same?
View 3 RepliesI'm doing a project in component management system. I need to block executable files from getting uploaded. Blocking should not be based on the extensions. For example, i've a file named abc.exe i'm going to change the file extension to abc.jpg in this case that abc file should not get updated. Similar to that in gmail file attachment.
View 2 RepliesOn my website, www.pakdev.net, I create screencasts to which are streamed through silverlight.
I create a custom handler to block the download of .wmv files from the url like [URL]
But the problem is now the silverlight has also stopped streaming files.
I'm doing a project in component management system. I need to block executable files from getting uploaded. Blocking should not be based on the extensions. For example, i've a file named abc.exe i'm going to change the file extension to abc.jpg in this case that abc file should not get updated. Similar to that in gmail file attachment.
View 1 RepliesI know a user can use the following code to access the content of web.config
string connectionString = ConfigurationManager.ConnectionStrings["MyConnect"].ConnectionString;
If I set EnvironmentPermission, can I block user to access the content of web.config?
is there any java script that i can put it on my master page and block specific I.P address ? And navigate the user visiting from that blocked I.P address to a different page ?
View 8 RepliesI have a problem in my asp application. In my application I have an own authentication mechanism so in the web.config file I have <authentication mode="None"/>
Inside the application users can upload files to the folder I've created (App_Files). I would like to give access to the folder only once they are logged in (Session["Login"] is no null).
I dont want not logged in users to be able to access the files over a url address in the browser (like http://<server>/App_Files/Filename.pdf)
I have menu item on my master page that has block around the text when the page is first run. I wrote in the css on the link and visited property to change the color to match the image color that it is on. When a menu item is clicked the color changes to the right color. How do I get it to the right color on when the page first opens or is there a way to get rid of the block or make it transperant?
View 1 RepliesI have 2 separate code-block asp.Net expressions in an aspx markup, with an html content between (span element in the example below). In the first code-block, there is "i" as an increment variable for the for loop.Then the code-block is cut with an html content.And another code-block expression is opened but as I see I can reach the "i" variable which was declared in the previous code-block.
So, how asp.net handles -compiles- the pieces of code-block experrions declared in the mark up? Does it check the semi-colons and generates some anonymous methods which will end up with many calls to Response.Write in the last place?
<p>
<%for (int i = 0; i < 30; i++)
{
[code]....
I am using asp.net 2.0 with C#. I have deployed my application on IIS and while browsing it I am receiving below error:
Could not write to output file 'c:WINDOWSMicrosoft.NETFrameworkv2.0.50727Temporary ASP.NET Files
oot7179d944dd7c82aeApp_Web_adlogin.aspx.cdcab7d2.rqcxmj0e.dll'
Is there a way to stop someone from looking into the App_Themes folder, by putting it into the url, like this:
http://localhost/myapp/app_themes/
same with app_data, can those be blocked, i didn't try app_data as i don't have anything in there, but just curious, as app_themes I was able to get into. Is this an IIS setting I need to adjust?
there any way where i can make a page only accessible through a RedirectToAction? It's a bit dumb of a question given a redirect writes a URL.. I know it might sound a bit silly, but i really don't like the fact i have to be 'forced' to create a partial view to be able to make the page i want to redirect to. What i want to do is quite simply, after deleting a user account, redirecting to a page where it says, account deleted (with a bunch of other stuff), so its quite a simple task. I have no problem making a partial view here and there, but if i want to make many pages unaccessible, i think i would have to make most of the website in partial views haha. Maybe i'm getting it wrong though, i've read a couple of posts about it, including Phil Haack's ->http://haacked.com/archive/2009/11/18/aspnetmvc2-render-action.aspx But i'm still very confused about this subject,
View 5 RepliesI have an ASP.NET page :
==========================
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="brent.aspx.vb" Inherits="FisEqSim_brent" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="[URL]
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
</div>
</form>
</body>
</html>
================================================
I have not add any .NET code yet. However when I try to browse to this page, I get a 404 error. I can browse to .HTM files fine, but .ASP file seem to lock up.
I would like, as administrator, list all users currently browsing the web-page (some id or something would be enough) then, what I need is to connect to that user and see what he is browsing. I have a class in my web-application, lets call it Node, in wich I store data what user is browsing. So which page he has clicked, so the next time he visit the same page, page is not rendered from db but from that Node. Is that even possible?
View 3 RepliesI am unable to browse a simple asp.net page from a remote PC through the IP address of that computer. However IIS is responding on a local computer with http://localhost and even when I type the local computer's IP address where the page is present. Computer is running XP and IIS 5.1. The message displayed on browser is "The server is taking too long to respond" however the page is just "Hello World" which displays local time.
View 4 RepliesIn my present project I have to open one site through my asp.net application and this site I have to control. And after that if we close the site the application master page should display. How I can accomplish the requirement .Any ideas will be very useful for me to start thinking on those lines.
View 3 RepliesI had deployed an asp.net 2.0 web site in IIS 7 in windows 7( with .net 4.0 installed ).
But while I am going to browse my starting page Welcome.aspx it shows error:
HTTP Error 404.0 - Not Found. The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
Is there any problem with deployment of the application?
I have a master page and inside : a music player.
<object type="application/x-shockwave-flash" data="[URL]"
width="200" height="20">
<param name="movie" value="[URL]" />
<param name="bgcolor" value="#ffffff" />
<param name="FlashVars" value="mp3=Preloader.mp3&loop=1&autoplay=1&autoload=1" />
</object>
It works and I can hear sound, but if I go to a different page, it stop (pause and return to start, I can still see it through and press play since its in my master page) How do I make it play while I'm browsing through pages? Note : The player contains a pause function and doesn't auto play so users wont be annoyed.