Configure ASP.NET Routing in Web.config - asp.net

Is there a way to configure ASP.NET routing in the web.config file? I do not need anything fancy. If a user visits /myApp/list, I want to load /myApp/list.html. However, I do NOT want the address bar to change.
Is this possible? If so, how?

The best way is to use UrlRewrite module in IIS: http://www.iis.net/learn/extensions/url-rewrite-module
How you make this rule into web.config after installing UrlRewrite:
<system.webServer>
<rewrite>
<rules>
<rule name="my-first-url-rule" stopProcessing="true">
<match url="^/myApp/list$" />
<action type="Rewrite" url="/myApp/list.html" appendQueryString="true" />
</rule>
</rules>
</rewrite>
</system.webServer>

As of now there is No out-of-the-box way to configure routes in web.config file.
It seems vision was/is to add new routes on Application Start.
This doesn't stop us from creating custom configuration section and reading routes from there.
These are guesses why.
Most of the time, it seems, adding new routes could be prone to introduction of routing bugs and should be followed up with good regression testing. And therefore it probably will be done as part of new product release anyway. Perhaps that could be one the reasons why it's not configurable through configuration file.
Another reason could be that routes rules can be quite complex to put them into xml format - constraints, custom route handlers,etc.

Related

Single WebApplication with multiple domain names

For example, I have a Web Application www.mywebsite.com based on classic ASP.NET and IIS 7.5. Now I registered another domain name www.mywebsite.cc. In my Web Application I want to create subfolder /cc and somehow transparently rewrite all requests from www.mywebsite.cc/something to www.mywebsite.com/cc/something. Why I need this? I want both websites to share same static variables, cache, database connections etc. Please point me what technology I must dig in order to implement what I need.
There are a couple of ways to do this, you might try URL rewriting. Your code might look something like this, but you'll need to adjust the line following string: "^something/?$|^something/(.*)$" to contain the proper match code. This should get you started and hopefully someone else will be able to comment on the proper match code.
<rewrite>
<rules>
<remove name="RedirectToUtility"/>
<rule name="RedirectToUtility" stopProcessing="true">
<match url="^something/?$|^something/(.*)$"/>
<conditions/>
<serverVariables/>
<action type="Redirect" url="http://www.mywebsite.com/cc/something/{R:1}"/>
</rule>
</rules>
</rewrite>
http://www.iis.net/learn/extensions/url-rewrite-module/using-the-url-rewrite-module

hiding the path of a file on web server

I have a webpage that host documents on iis. When linking to those files for examples say I go to
www.webpage.com/Documents/testdocuments/innerfolder/1.pdf
I get the file back and have the complete url in the address bar. Is there a way to be able to browser to
www.webpage.com/Documents/testdocuments/innerfolder/1.pdf
, and get for example
www.webpage.com/Webdocs/1.pdf
as the url in the browser. My theory was make
www.webpage.com/Documents
a virtual directory, but I am not sure if I would still be able to access my files as
www.webpage.com/Documents/testdocuments/innerfolder/1.pdf
or if I would have to use for example
www.webpage.com/Webdocs/testdocuments/innerfolder/1.pdf
which defeats the purpose really. My ultimate goal is for the physical path of the file to not be visible to the user.
Any ideas would be greatly appreciated.
Thanks,
Since you are looking only to map one path to another you should use IIS url rewriting.
<rewrite>
<rules>
<rule name="Map Docs" stopProcessing="true">
<match url="^Webdocs/([_0-9a-z-]+)" />
<action type="Rewrite" url="Documents/testdocuments/innerfolder/{R:1}" />
</rule>
</rules>
</rewrite>
The other alternative is asp.net url routing. But it would be an overkill for what you need.

What is the correct way to be able to serve up an ASP.NET MVC page with URL /areas?

I am trying to get ASP.MVC to handle the URL /areas i.e. http://example.com/areas. By convention there is a folder called Areas, so /areas never gets to my controller.
I want to be able to tell MVC to ignore this folder in this one case.
Ordinarily I would not use a name that conflicts with an existing folder but I am migrating a web application from Django to ASP.NET MVC and have a section of pages under /areas. I would prefer not to have to change all the existing URL's just because of the framework.
For performance reasons I would prefer not to configure all requests to go through the MVC pipeline.
What other solutions are there?
It might be possible to use the IIS URL Rewrite module to redirect requests to specific folder and avoid the MVC pipeline completely.
The example below is from http://learn.iis.net/page.aspx/496/iis-url-rewriting-and-aspnet-routing/ which shows how to rewrite paths to point at a static resource (Under the heading "Static content management.")
<rewrite>
<rules>
<rule name="Rewrite to new folder">
<match url="^Images/(.+)$" />
<action type="Rewrite" url="NewImages/{R:1}" />
</rule>
</rules>
</rewrite>
I'm curious if you could use an IgnoreRoute in your global.asax.cs file which would cause MVC to ignore that completely and not use the MVC processor for anything in that folder
routes.IgnoreRoute("areas/{*pathInfo}");

Multiple Country/Language Sites Under Single Web Application - TLD Routing Rewrites

I want to host multiple Top Level Domains (TLDs) off of the same web application.
Scenario: www.mywebsite.com has language sub-folders of /en-us/, /en-gb/, /fr-ca/, /ja/, etc...
So www.mywebsite.com/en-gb/ would be the UK version of the site.
UK users should go to www.mywebsite.co.uk but be routed to www.mywebsite.com/en-gb/
In IIS, I've set the bindings for this web application to handle both www.mywebsite.com and www.mywebsite.co.uk domains.
The URL Rewrite 2.0 module is added to IIS and includes this rule:
<rewrite>
<rules>
<rule name="CanonicalHostNameRule" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^www\.mywebsite\.co\.uk$" />
</conditions>
<action type="Rewrite" url="http://www.mywebsite.com/en-gb/{R:1}" />
</rule>
</rules>
</rewrite>
Users who go to www.mywebsite.co.uk have the URL rewritten to www.mywebsite.com/en-gb/, however, I want the URL to remain www.mywebsite.co.uk for them, and in fact, I would want the www.mywebsite.com/en-gb/ to be rewritten to www.mywebsite.co.uk for consistency.
I'm still not even quite sure what the proper terminology is for what I want to do. So far I've run across 'multi-tenancy', 'application request routing', 'URL routing', 'URL rewriting', and a few others.
Here are a few resources I've been reading to try and figure out how best to handle this. Am I on the right track? I haven't found a good example that demonstrates doing this with TLD's.
Scott Forsyth - Multiple Domains Under One Site
Scott Guthrie - URL Routing With ASP.NET 4 Webforms
Stackoverflow - MVC Routes Based On A SubDomain

How to prevent image hotlink from your ASP.NET site?

What is the best/simplest way to prevent people hotlinking to images from my hosted ASP.NET website? I don't need to prevent all images/resources from hotlinking, I just want to prevent hotlinking to specific images/resources on a site. FYI. It's hostesd on GoDaddy.com so IIS tricks probably wont work.
Simplest way to do this is with a UrlRewrite in IIS 7.0.
https://help.maximumasp.com/KB/a738/using-url-rewrite-to-prevent-image-hotlinking.aspx
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="PreventImageHotlinking" enabled="true" stopProcessing="true">
<match url=".*\.(gif|jpg|png)$" />
<conditions>
<add input="{HTTP_REFERER}" negate="true" pattern="^$" />
<add input="{HTTP_REFERER}" negate="true" pattern="http://www.YourDomain.com/.*" />
</conditions>
<action type="Rewrite" url="/images/hotlinking.jpg" />
</rule>
</rules>
</rewrite>
</system.webServer>
Streaming the images through an ASPX page is a good solution. Though Referrer could be hacked.
What you could do is use a unique salt (keyword) and generate against MD5 (SHA-1 or SHA-2) if you are really concerned with security. Run the current epoch time as well against this as well, this puts an expiry on images as well. Store this "keycode" in the cookies. Whenever images are served you basically pass this via the querystring. The validation happens on the ASPX on the other end. You could even regenerate a new "keycode" between each request using either an HTTPRequestModule or the Global.asax page.
There will be overhead, but it will prevent anyone from hotlinking.
You could refuse any requests for images that don't have your site in the HTTP referer header field. That's the theory. In order to control requests in your application, you'd have to stream all images through an ASP page (as opposed to linking to them directly).
One thing I've seen that I thought was clever is to add an extra portion to the bottom of the image, and then use a css sprite technique to cut it off when shown on your site. A naive hotlink will result in displaying your extra portion. This will mean the image is skewed, so it doesn't look right on the other site, and you can use the extra portion to show your own url or whatever else you want.

Resources