I heard that it is possible to download asp pages to view the server side script. (asp classic by the way) And I want to make sure this is not possible. What steps can I take to prevent this?
This is only possible if your server is misconfigured to serve up files with the .asp extension rather than process them server side.
If you see your .asp files are being processed, the text of the script cannot be viewed by a web browser.
Related
I have a simple .aspx file that I want to run in my browser. I have installed IIS, along with all ASP.NET features, on my local machine. I am using USBWEBSERVER as a server to display my web pages.
When I put in the path of the file of my of web page (.aspx file), just like I do with all my PHP pages, I get the source code (instead of the GUI).
How can I set this up so .aspx pages will work on my machine?
I think you have to get a web server that supports ASP.NET. Right now, there's IIS Express, which is free and can host a multitude of technologies:
http://www.microsoft.com/en-us/download/details.aspx?id=1038
Hi pardon my ignorance i'm coming from an apache background.
On IIS/ASP.NET (.NET 4.0) is it possible to redirect all incoming requests to a page for for maintenance and such. I tried just using a 404 redirect but it doesn't seem to cut it.
Thanks in advance
You may use an App_Offline.html file when you want to bring an ASP.NET site into maintenance mode:
The way app_offline.htm works is that you place this file in the root
of the application. When ASP.NET sees it, it will shut-down the
app-domain for the application (and not restart it for requests) and
instead send back the contents of the app_offline.htm file in response
to all new dynamic requests for the application. When you are done
updating the site, just delete the file and it will come back online.
I'm developing a Web application, and there is a page when user must submit files which are saved into temporary folder on the server. If everything goes well, I send ajax request to the server to remove users uploaded file. But, if user closes the browser or shutdown the computer, I can't detect that.
In this case, what is the best way to gurantee that unused files are not stored forever? The site is developed in ASP.NET MVC and will be hosted on II7. Does IIS7 provides some configuration to deal with temporary files? Or I need to implement some service, which will be executed in a background with low priority and periodically check if there are "old" files to be removed?
Any help is very much appreciated.
I would have a windows service in the background to delete old files at some interval.
I'm poking my head around ASP for work and I'm not sure how it works... I'm used to being able to create a HTML, PHP, ColdFusion page, put it on the webserver and execute it.
Do I need to compile ASP pages or is that just ASPX?
I just want to create an ASP page and put it on my web server to test...
You can just create an ASP or ASPX page and put it on the server to test. The web server in all those cases (ColdFusion, PHP, ASP, ASP.NET) takes care of compiling the page when it's accessed.
In ASP, I believe it is compiled(/interpreted) every time you load it, where as in ASP.NET it's compiled on first access (which is slow) and the compiled version is available for the next page load.
I need to serve up a few .asp pages from within my ASP.NET site.
This ASP.NET site has a handler that allows us to serve up pages out of the database instead of finding them on disk (where the .asp files are located).
The problem appears to be that the .NET isapi (C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll) is catching my request... at that point, it is going to the database and not finding the file.
My question: why is ASP.NET catching my request? I would think it should come in and use the proper extension mapping for .asp (C:\WINDOWS\system32\inetsrv\asp.dll).
Is there a way to tell ASP.NET to leave the .asp files alone?
one alternative is to set up a virtual directory which only can execute .asp and without asp.net support.
It sounds like you have a wild card script mapping in your application configuration forwarding all requests into the aspnet_isapi.dll. Is the a .asp mapping to asp.dll?