In my article site some users decided to have their eMail address instead of user name
The problem starts when i'm trying to redirect to a page using RouteData and the URL ends with ".com" , for example "example#gmail.com" is a valid username so his personal page will be
http://www.mysite/user/example#gmail.com
live example
As you can see the it gets redirect to home page and relative path gets messed up, so images doesn't show
Can someone tell me why browsers don't like routedata in their url ending with .com ?
If you try ".net" or ".org" it will work, that's the issue with ".com" ?
In Windows, the .com extension is used to denote a type of executable file. Your question is tagged as asp.net - so I assume you are using IIS. IIS does not manage virtual directory names containing executable extensions such as: .vbs, .com, .exe, etc.
When a virtual directory name ends with an executable extension (such as .com, .exe, .dll, or .sh), the files in this virtual directory cannot be viewed with a Web browser. For more info, see here.
One option you have is to simply replace . with an underscore _ for personal pages. So your example above would be: http://www.mysite/user/example#gmail_com
Related
I have an asp.net web api project using token based authentication. my app uploaded and retrieve images and I keep file path in table_myfiles along with the uploaded user ID.
I would like the user to access only the files he have uploaded, which I can identify from the table.
How to protect my resources to restrict access to only to the user based on table_myfile ? And not to anyone without logging in or direct link / path ?
I have been searching for any possible solution for a week now , I think I should implement a middleware to manage access. But I couldn’t find any resources on how to implement the same.
Currently my api shows all resources just by directly accessing the file path/link.
The simple apporach is to remove the vitural folder, or that folders from the web site folders. That way, no simple URL exists for any of the files.
So, for a user to get/see/use/download a file? You present say a listview or some kind of grid (or repeater) that displays and lists out the files.
Then, when they want to download or view a file?
You use response.write and stream the file down to the client side.
Remember, on the server, code behind uses 100% clean and correct windows file paths. For any web based URL, then that folder must be in a valid path of the web site. When they type in a valid URL, it eventually gets translated to that given folder in the site (or a external folder provided when you create a mapped "virtual" folder in IIS. However, if you don't provide that virtual folder, or the folder is NOT in the web site file/folder sets, then no valid URL's exist. However, that folder can be directly used and hit with code behind - any valid server path/folder name is allowed in code behind.
Because when streaming the file, you need path name, file name, AND ALSO the "mine" type. Thankfully, .net 4.5 or later has this ability.
so, from a database (table) I display the file names like this:
But, if you click on the preview image, that is a image button.
The code behind simply gets/grabs the file name from the database.
I then download (stream) the file to the browser side like this:
if (File.Exists(strInternalFullPath))
{
string strConType = MimeMapping.GetMimeMapping(strInternalFullPath);
binFile = File.ReadAllBytes(strInternalFullPath);
Response.ContentType = strConType;
Response.AppendHeader("Content-Disposition", "attachment; filename=" + Path.GetFileName(strWebUrl));
Response.BinaryWrite(binFile);
Response.End();
}
else
MyToast2(this, btnLink.ClientID.ToString, "File Not found", "We no longer have this file avaiable.");
so, this buttion behaves 100% like a link, but there are no existing URL's or path name that points to the files folder from a web based URL.
Remember:
Web based URLs - they auto map from the web site URL to a existing folder.
You can use server.MapPath("some url to file") to "translate" this to a internal file name.
Code based files:
In your .net code (code behind) ANY file name is a standard plane, jane file name that points to a file on the server.
so, once we have that file name from the database, you can steam the file as if the user clicked on a link. But you never have to expose the actual file name, or file path. And no such valid URL's exist on the web site, since you do NOT have that files folder in the web site folder hierarchy - but placed that folder outside of the web site.
As long as that folder is outside of the web folders, and as long as you don't setup a virtual folder that points to that folder outside the web folders?
Then code behind can STILL get/grab/see/use any file on the server. that code uses a full valid windows file name, - but the web site will have no mapping to such a folder - hence no valid URL's will exist or can be typed in.
I have a subfolder in the web site (ASP.Net) named "wcms" which contains several files including "login.aspx" and "index.aspx". the login page checks the username and password and redirect the page to the index.aspx.
This works fine when I run it locally on the development machine, but when I call the login:
https://p3nwvpweb123.shr.prod.phx3.secureserver.net:8443/sitepreview/http/hebron-city.ps/wcms/login.aspx
it cuts out some of the path and redirects me to:
https://p3nwvpweb123.shr.prod.phx3.secureserver.net:8443/wcms/index.aspx
What could be the problem?
Do not Depend on the preview links in all your Redirects try using full path from the root Folder like here your root path including domain name is https://p3nwvpweb123.shr.prod.phx3.secureserver.net:8443/ so Redirect all your links like
Response.Redirect("~/wcms/index.aspx");
Response.Redirect("~/wcms/login.aspx");
This will remove the ambiguity of Wrong redirection.
and call your login page from url
https://p3nwvpweb123.shr.prod.phx3.secureserver.net:8443/wcms/login.aspx
not from
https://p3nwvpweb123.shr.prod.phx3.secureserver.net:8443/sitepreview/http/hebron-city.ps/wcms/login.aspx
currently I have setup my page in IIS. It can be accessed over the IP address of the server only (so something like: "127.0.0.1"). What I want to do is move the page to a sub-directory, so that if someone uses the IP addess only, he won't get to the page (404 error). I would like the page to be accessible by using something like this: "127.0.0.1/someName". This should let the user access the default page, as it is now. Is this possible?
Thanks!
You are looking for Virtual Directories.
Right click the site, and click Add Virtual Directory. Give it a name (this will be the sub directory name).
Then, just make sure your virtual directory has the correct default page configured. For example, if MyPage.aspx should be the default, then put it in as the default document.
I have a website with several subdomains that direct the user into a subfolder on my site. Inside each subfolder is a Default.aspx file which does some processing and then redirects the user to "../Default.aspx".
This works fine if you type the full URL to that page. If you try to access it through the subdomain, the ".." parent is not being parsed correctly, and just concatenates the subfolder path into the main path and I get a page not found.
The root path of my application is www.domain.com/root.
The subdomain points to subdomain.domain.com/root/subfolder
When I navigate to subdomain.domain.com, I get this error:
"404 - /root/subfolder/root/Default.aspx not found"
All I want is for subdomain.domain.com to redirect the user up one folder level to www.domain.com/root/Default.aspx
Can anyone help? Is this a feature/restriction of using a shared hosting provider - the subdomains are restricted to the folder where they are pointed?
Your description is a bit confusing, since you mix local paths and URLs together. Am I right that you are trying to do: Page at subdomain.domain.com/root/subfolder/Default.aspx redirects to www.domain.com/root/Default.aspx?
That means you want to do 2 things:
Redirect from sub-domain subdomain to sub-domain www, and
Navigate to a file one folder up.
Both things you can do in a single HTTP redirect. For this, use the Response.Redirect method, and make sure that in the URL you use the www sub-domain, and the correct absolute path to the page you want to show.
Response.Redirect("http://www.domain.com/root/Default.aspx");
Update
Or, redirect to a URL relative to the current page, in the same domain.
Response.Redirect( Page.ResolveClientUrl( "../Default.aspx" ) );
Update 2
Or, use the Host HTTP header to distinguish on subdomains and switch programatically in your shared codebase.
The answer is to point all the subdomains to the same folder (the main code base) and then in the Master file, switch based on the http header. If they are coming in from partner1.domain.com, use css1 - if they are from partner2.domain.com, use css2, etc.
This allows me to use relative paths throughout the code AND preserve the subdomain in the browser's URL bar.
One caveat - if you are testing in multiple environments (I have a DEV and a TST) you need some code to detect which environment you are in and operate a little differently, since the http header host would show something like "localhost:51510". For me, those subdomains only exist in my Production environment.
Credit to bgever - thanks!
I have just started to work for a new company as a web developer, previous research has led me to find out their site is built in asp.net which isn't a problem, I just dont have any experience in this, all my experience is html, css, php and Js.
Upon gaining access via ftp, I noticed there is no traditional index.bla, so I went to the homepage on their website, and in stead of index, it was default.aspx.
Is this "default.aspx" file the .Net replacement / equivalent of an index file, and does it work in the same way?
Yes. In IIS (the web server) you can specify which files will be shown when a directory (like the root, when accessed through http://www.sitename.tld/) is requested.
You can configure which files will be shown and in what order. Like here (IIS 6):
So when a user requests a directory on that site, IIS will search for "Default.htm", if that isn't found it'll look for "Default.asp" and so on. If none of the default documents are found, you will either see the directory's contents (disabled by default) or an error saying you can't see the directory's contents.
In Apache this is set through the DirectoryIndex directive in httpd.conf.
Yes. index is an arbitrary name that Apache defaults to. The index page can be named anything, and with IIS it is usually default.