How do you use a website URL with no obvious extension - asp.net

I am looking for any reference material for me to read up on, relating to what enables the following scenario where a website has a unique identifer appended to their domain name.
When you go to Facebook and view your profile, the URL in the address bar is something lile;
https://www.facebook.com/your_user_name.number
There is no obvious file extension, nor is the 'your_user_name.number' being passed as querystring value. I do know that I could create a folder on the web directory which is this name, and then you can direct to that folder and it will autoload the default or index files based on your web server settings. But i am not sure this is happening in this case, as then Facebook would have to create 2 billion + folders?
Browsing to your Photos on Facebook, it the url then looks like;
https://www.facebook.com/your_user_name.number/photos
I am keen to understand what this type of technical configuration is called. Happy to read up on it myself and learn about it, but I don't even know what it's called to search and read up on.
Any pointers?

What you are looking for is URL rewrite.
https://learn.microsoft.com/en-us/iis/extensions/url-rewrite-module/creating-rewrite-rules-for-the-url-rewrite-module
You can basically do whatever you want! No need for extensions or folders at all if you don’t want them anywhere.

Related

Get File Names in Web Directory with Swift

I've got an archive located at my web site with files in it that I'd like users of my app to be able to access. Files at this location may be changing so I'd like to be able download a file list that is then presented to the users, who would then click on the file(s) to download.
I think I've got the downloading handled with NSURLSession, but I can't find a direct way to get a list of the files located at http://www.example.com/archive/ in Swift. I feel like I'm missing something obvious. By the way, I'm not well versed in most aspects of "web programming" so small words would be appreciated if this involves stuff like POST and GET. Thanks.

How to search within a particular folder in alfresco

I have folders in share shared folder. Is there any way to specify share to search for a particular file in particular folder of the shared folders?
Yes, but there is no user friendly out of the box solution (I know of).
As admin, go to http://your-host.domain.name/share/page/console/admin-console/node-browser and execute a (fts-alfresco) search like the following:
PATH:"/app:company_home/app:shared//*" AND #cm\:name:"filename.txt"
This will find all files named "filename.txt" below the shared folder.
I guess you will have to customize the search UI if you want to offer that functionality in a user friendly fashion or to non admin users.
Further details are at http://wiki.alfresco.com/wiki/Search#Path_Queries
We've developed a solutions where you can search within a folder through the advanced search form: http://addons.alfresco.com/addons/alfresco-share-folder-search
It's free for download so you can look around how it's done.
In short: in 4.2.e you can send an extra param rootNode to the /slingshot/search repo webscript.
If you check the client side JavaScript in Share components/search/search.js
There is method _buildSearchParams The following params are send: site={site}&term={term}&tag={tag}&maxResults={maxResults}&sort={sort}&query={query}&repo={repo}&rootNode={rootNode}&pageSize={pageSize}&startIndex={startIndex}
So fill in the rootNode with a qnamePath or NodeRef and it will present the results of that folder.
For a possible implementation, I wrote a long post about it on the alfresco community forum .

is it possible to find hidden files on website?

If I'm hosting a website, say at http://www.example.com, how can I find files that are in the same folder as index.html if I DON'T know the filenames?
So for example, if there are these files in there:
http://www.example.com/test.txt
http://www.example.com/test1.txt
Can anyone see this list of files? If so, how can I hide them, but make each one accessible to someone who knows the names? I don't want to use a password system, if possible.
If you put index.html in that directory, so no files will be listed. If you allow to upload to that directory, so i can upload some php script to list all files in directory. IF you don't know file name, you can try to guess it :)
You can use bruteforce tools such as dirbuster, or you can look at the "/robots.txt" file for some clues on what's on the website.
By the way, you should keep in mind that most of web servers nowadays have rights management implemented, so even if there is such file on the server it may not allow you access to it without authentication.
Some hosting providers provide an option to specify whether directory listings are allowed. If enabled, and a client requests a URL for a folder that does not contain a default HTML file (index.html, default.html, default.aspx, etc), then the web server will serve up an HTML file containing a listing of the files in that folder. It is rare that this option is ever enabled, though.
but you should be accurate while inserting names of files in URL or else you can use pen-test tool which will list out some of the names for free.for attempts ot full listing of files you'll need to be a paid member i guess

Where to store images for albums?

I am creating a module of my website where I can display images in "albums", much like facebook.
For storing/grouping images, I planned on having them in the ~/Images folder inside my application's structure. Is this considered bad practice, or will it open up my application to any security vulnerabilities? I read that you shouldn't place things like this in your site structure, but I don't quite understand why (or if this is the same scenario).
Therefore, albums would be grouped as...
~/Images/album1, ~/Images/album2, etc.
Is this an appropriate thing to put inside App_Data, or is there a more 'preferred' location for things such as this?
Sorry if this is a trivial question.
All three of the answers here are good. There is no preferred storage for uploaded images, it's all up to you based on your requirements.
As Henhealg says, don't store them in App_Data. If you put them here, they will not be accessible from the web. For example, the following would not render an image even if the path was correct:
<img src="/App_Data/album1/image1.png" alt="" />
One option is to have your local ~/Albums directory mapped to a different folder accessible to the web server, like sylon says. This keeps the images out of the directory where your MVC app is served from, but "pretends" that they are there. If you control IIS and can set up a file share, this may be an option for you.
Also, like XToro says, storing them in a SQL database is an option. Storing here is flexible because you don't have to worry about folder or file name collisions. Multiple users can each have albums and files with the same names, yet they won't collide because they don't occupy filesystem space the same way normal files do. If security is important to your app (not showing photos or albums to unauthorized users), having them in a SQL table makes this fairly easy.
However if you are not as worried about security or file naming collisions, you can just as easily store them in your MVC app's ~/Images or ~/Albums directory.
Depending on the performance of your server, you may want to consider storing your images into a database using BLOB
https://dev.mysql.com/doc/refman/5.0/en/blob.html
Images can be easily sorted, organized, categorized without the need to worry about folder structures and folder permissions. Simply use your PHP/AJAX/language of your choice to provide the authentication and choose which files you wish to display.
This way, each image can have it's own fields (as many as you want) like the user who posted it, the original filename, a caption, the album it belongs in etc etc
Since you can easily as a user check where the images are stored once the application is in production, where you store the images does not matter as much as what permissions you set to the folder(s) that the images are stored in.
I would use file system as you are saying but store it outside of the application folder as you are saying it is bad practice. I agree with this - when i do deployments I prefer to delete everything and drop in the new code and keep the web.config file that way I always have a clean environment and it is much easier to get started from scratch without having to worry about what I need to back up or bring from previous install.
I would use IIS to map the directory into my solution wherever I desire from a network share storage or whereever you want to safely keep your albums.
e.g. D:\MySafeStorage\Albums\ map to your website's ~\Albums\ when your website is in C:\inetpub\MyWebSite\

In which folder can I store user uploaded images

I've a classified ads system on ASP.NET/c#/MS SQL, and I'm trying to figure out where to store the images that people upload when placing an ad. The ad itself is being stored in a SQL server database.
The images are now being stored in a subfolder of my webapp. It seems to work fine, however I only recently discovered a big problem. Everytime a user deletes an ad, the attached images are to be deleted as well including the folder they reside in. This leads to a restart of the asp.net application. I searched internet and found that restarting the web-app is actually intended behaviour when a subfolder is being deleted.
Obviously, I need to fix this. But how to do that? Where can I store images in such a way that:
I can remove these images including the folders they are stored in?
I can acces them using a URL (the images need to be shown in the
webpages)
Without getting the web-app being
restarted?
Any feedback is appreciated!
Paul
See this question Deleting a directory results in application restart
An other alternative would be to store the images in the DB instead.
Another option would be to put the images in a directory completely unrelated to the web site then serve the images through a scripted page or handler. It would make all of your image urls look like mydomaincom/serveimage.aspx?imageid=323422, but unless you're counting on the name somewhere that really shouldn't matter much. Obviously it would require a modification to the page that serves the images in the first place as well, but if sub directories of this unrelated directory are deleted IIS really shouldn't care at all.
maybe you can store the images in SQL (check at the filestream feature in this case)
if not, I suppose you have somewhere in a business facade class, a service class or wherever you want, a methode "DeleteAd".
This method will have to do two things :
-delete the sql data
-delete the file image
also, you may change the image store to another folder, outside the web app. You will probably end with writing a custom handler (myhandler.ashx?fileid=XX) to serve the files, or a custom route and control if you use MVC.

Resources