I am trying to access some assets on azure from flash. This requires a crossdomain file to be at the root of the blob, ie http://xxxxxxx.blob.core.windows.net/crossdomain.xml
I found that using Azure Storage Explorer there didn't seem to be a way of adding files to the root, I found this post http://www.odity.co.uk/articles/azure-crossdomain-xml-inside-root-of-blob-storage/ which details a programmatic approach. However I have implemented the code and tried to test and am getting the following error which suggests to me it may not be possible to add files to the root?
<Error>
<Code>OutOfRangeInput</Code>
<Message>
One of the request inputs is out of range. RequestId:5853bdc0-89ed-47f6-986e-f42badd38e75 Time:2012-06-13T09:37:58.0222882Z
</Message>
</Error>
Can anyone clarify if it is possible?
Could you post the code you're using to create the root container?
Besides that you could also use CloudBerry to create the $root container and upload files to it:
http://blog.cloudberrylab.com/2010/04/cloudberry-explorer-for-azure.html
an easy way to achieve this is to create a special (blobs) container named "$root" (root starting with a $ sign). In the url of anything placed in this container can be written as under the root, so instead of writing
http://{my-storage-url}/$root/myFile
you can use:
http://{my-storage-url}/myFile
Last step is copy to the crossdomain.xml file to the $root container. I use Visual Studio to manage files in the azure storage blobs.
see also
Working with the Root Container
Be careful when using crossdomain.xml, since it can render your site vulnerable to attacks.
Related
When I put this line in Tomcat Server .xml file under host:
<Context docBase="c:\Documents and Settings\The User\videos" path="/videos />
I can access the images without a problem when I run the project like
localhost:8080/example/videos/smile.WebM, for exmple.
The problem is when I run the server without project and still am able to access the images with the url localhost:8080/videos/smile.WebM.
The image is still available. How to restrict or deny the access to this if I directly put the url without project name it shouldn't give access to that particular folder or image it is in .
You are able to access the images in absence of project also because server.xml belongs to full tomcat but not to particular project.
My recommendation would be not to use this approach, instead store images inside project folder so that will be accessible within projects only.
I've had a very frustrating experience on putting an MVC 5 app on Azure. I have been reading the following page: http://www.asp.net/identity/overview/features-api/best-practices-for-deploying-passwords-and-other-sensitive-data-to-aspnet-and-azure
But what I haven't managed to put in my head is the following:
Security Warning: Do not add your secrets .config file to your project or check it into source control. By default, Visual Studio sets the Build Action to Content, which means the file is deployed. For more information see Why don't all of the files in my project folder get deployed? Although you can use any extension for the secrets .config file, it's best to keep it .config, as config files are not served by IIS. Notice also that the AppSettingsSecrets.config file is two directory levels up from the web.config file, so it's completely out of the solution directory. By moving the file out of the solution directory, "git add *" won't add it to your repository.
And:
Security Warning: Unlike the AppSettingsSecrets.config file, the external connection strings file must be in the same directory as the root web.config file, so you'll have to take precautions to ensure you don't check it into your source repository.
The problem is the following: When I upload the Web.config file with the external files without being included I get hit by "The System cannot find the file specified", so for it to go away I must include the .config files defeating the purpose of Microsoft's post.
I really really really do not understand. I have added the connectionStrings and appSetting's keys in Azure's portal. What is the correct and secured way of putting my passwords and secrets online? What am I missing? Is it because I'm running in Debug mode?
According to this:
How can I secure passwords stored inside web.config?
There is nothing to worry about accessing the Web.config file...
But that just defies Microsoft's post.
Thanks.
I find the following technique to be the easiest way to do this.
Instead of putting the deployment values of these settings into the web.config, I keep the test values in there instead. I then put the deployment values into the Application Settings section of the Azure Website via the Azure Portal:
When the website runs, these settings will take precedence over what is in the web.config. This helps me avoid externalized files, allows me to keep sane development configuration that the team can share, and makes deployment very easy.
The best way is to set your secrets in the Connection Strings section of the portal. Any values set there will override values you specify in your web.config file.
This way they are only exposed to people who have admin access over the site itself. Having full access to the source won't even be enough to get the secret values.
More details here
Doing a project between multiple people, and a few components (web app, services app and some others). We will be storing some information inside the Content folder of the web app so it can be accessed directly from the web server with an href, however other components outside of the web app need to access this folder as well, and since we are sharing the project between multiple people using an absolute path is not an option. What options do we have?
EDIT: Trying to explain it a little better.
What i have exactly is, a web project, a "data project" which is just a dll, a "logic" project which is another dll and a services project which is an exe/service.
Both the web project and service project consumes the methods from the logic, and the logic from the data project. Being the last one the responsable for storing data (in a database) and also in the file system.
This "filesystem" path should be configurable, and we are aiming to put it into the content folder of the web project so multimedia files can be accessed directly rather than doing a byte stream.
Now in the web.config(config file of the web app), and app.config(config file of the services app) i could set the absolute path to web/content (the same for both config files) and the data dll would use it without problems. Now the main problem is that we cannot put an absolute path in the config file because each person works on a different computer with obviously different file paths. So if i could just write something like: ~/project/Web/Content rather than C:/myfolder/stuff/blabla/project/web/content in the config files, with ~ resolving the path to the project, this is what i want! Or maybe better ideas about how to share a folder with these apps without adding absolute paths hardcoded somewhere.
What you want to use is:
Server.MapPath("/Content/filepath.ext");
This will give you the absolute path of a file based on it's position within the website, in this case, from the /Content directory.
For a program external to the website, you have a couple options;
The easiest to implement might be a simple configuration value in the external program which points to the directory. My guess is you've already decided that's not ideal, but it may be the quickest way.
Alternatively, there's a Microsoft .NET assembly which gives you easy access to IIS information (I can't recall its name off the top of my head!). You could use this assembly to find the appropriate website, and retrieve its root directory. I'll see if I can find it and get an example, or maybe someone else will see this and post an answer with that information.
Please check the following method "ResolveClientUrl"
MSDN
Use the ResolveClientUrl method to return a URL string suitable for use by the client to access resources on the Web server, such as image files, links to additional pages, and so on.
http://msdn.microsoft.com/en-us/library/system.web.ui.control.resolveclienturl.aspx
I am working with two different web sites in asp.net. In the first project i upload some images to a specific folder under the project root and save just the filename in the database, now i am trying to display this images at some page of the second project I know the filename from the database and the image folder as absolute pat but I have not been able to display the image, even thought when looking in firebug the image src is correct src="D:/MyFolder/image.jpg" the image does not display, probably because it is not pointing in the right directory.
I have also tried using Server.MapPath and then my D location but still no success.
I am sure someone has faced the same situation before and was really hoping to get some hint to manage this.
Thank you in advance
I found my solution, strange but i didn't catch it before. Uploaded pictures under a project can always be accessed using the url of the project http://www.yourwebsite.com/images/photo.png now in the second project you can use reference the images using this url and concatenating the file name which i store on database. I think this is the best solution and without changing the code access security which i think can bring other problems with it. Anyway thank you guys.
If you want to display the image that is not in your project (I mean it is present in some other project or some other drive) just create the virtual directory in IIS
Go to "Run", type inetmgr
Right click on your project and add virtual directory
Give alias name and path so that it acts like folder in your project
I don't think you can serve files outside of your application path by default. It's called Code Access Security. You can read up on it here:
http://msdn.microsoft.com/en-us/library/930b76w0.aspx
You can fix this by changing your trust level to High in your web.config:
http://msdn.microsoft.com/en-us/library/tkscy493.aspx
I wouldn't recommend doing this for any site that is externally accessible. In fact, depending on how/where you're hosting your application, this option may be restricted.
You can only "link" to files that exist relative to the same project or are hosted on another site via an absolute URL.
If you want to service files outside the application/website (on disk or in a database) you will need to build a mechanism that gets the file and binary writes it to the browser, setting the MIME type etc. This is best done using an HttpHandler.
is there anyway to do a #include with a file listed as an absolute path?
i am trying to include files from other websites (outsite the root of the sight that wants to include it)
any other suggestions?
You can only include files from your server, these may technically be outside your website if the Allow Parent Paths option is enabled or if you can use a virtual include to point to another virtual directory on your server.
There is no way to include files from websites outside of your server or sites on your server that your application does not have permissions to access.
Another way to go is to create a directory below the root folder of your website, then making that folder a symbolic link to the folder where the file you want to include is located. Now there is no way to create symbolic links in Windows out of the box, you need Microsoft Sysinternals Junction for that.
<!--#include file="c:\boot.ini"-->
There is a setting in IIS for allowing includes to parent paths, check that if the above doesn't work.
You can do it, using XMLHTTP and the VBscript Execute statement.
I wouldn't recommend it though as it creates substantial security risks.
A few links to get you started:
https://web.archive.org/web/20211020135215/https://www.4guysfromrolla.com/webtech/042602-1.shtml
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/script56/html/vsstmexecute.asp
https://web.archive.org/web/20210927184623/http://www.4guysfromrolla.com/webtech/110100-1.shtml
It is a very high security risk, because someone can inject code into your app. Take your precautions.
One tip: the page you need to load from another server needs to have an extension different from .asp because if not the other server is going to send it already executed. It seems clear but I forgot it the first time!