Hi all I am using Webform Protected Downloads module for Drupal 6. I am facing the problem that when i go to "protected download" tab it gives me the message "You need to attach files to this node before you can configure protected downloads." Where can I attach a file to configure the "Webform Protected Downloads" module?
Go to the default drupal edit page of the given node and upload at least one attachment. Check the private checkbox for every attachment that you want to protect. Then go back to the configuration page for protected downloads. The warning should be gone now.
Related
Is it possible to change the configuration of Yii, to:
1- make Yii and the database accessible from outside the folder 'protected'
2- send data from outside the folder 'protected' to files inside 'protected'
Or is there any other solution to do this ?
thank you for any help.
It is possible since the protected folder is only protected by a .htaccess file.
If you eliminate the "defensive rules" and have the right directory/file permissions, the protected folder can be easily made accessible from outside.
However I strongly recommend not to do this, because direct access to the protected folder (as it name suggests) should be made inaccessible for standard users.
I am running a website written in ASP.net and any Excel file you download gets downloaded in Protected View. This causes an extra few clicks for the user to be able to edit it.
How can I alter this so the files always are downloaded in Unprotected View?
It is possible IF you have control over the computers who can download from your website. Than you can add your website to the trusted websites and everything will work fine.
How to do it, you have to google - our Admins had to google a lot to find it out, and I do not know the details :/
Check out the following links:
Disable Protected View in Office 2010,
https://amsterdam.jira.com/wiki/display/MAN/How+to+disable+protected+view+in+Excel+2010
Disable Protected View in Office 2007 and 2010 by using Trust
Settings,
http://helpmerick.com/solution-to-microsoft-outlook-2007-or-2010-not-opening-word-or-excel-attachments.htm
How to edit your Excel settings.
http://office.microsoft.com/en-us/excel-help/what-is-protected-view-HA010355931.aspx
What is Protected View?
"Files from the Internet and from other potentially unsafe locations can contain viruses, worms, or other kinds of malware, which can harm your computer. To help protect your computer, files from these potentially unsafe locations are opened in Protected View. By using Protected View, you can read a file and inspect its contents while reducing the risks that can occur."
Why is my file opening in Protected View?
Protected View is a read-only mode in which most editing functions have been disabled. There are several reasons why a file opens in Protected View:
The file was opened from an Internet location - When you see the message in Protected View that states This file originated from an Internet location and might be unsafe. Click for more details., this is because the file is being opened from the Internet. Files from the Internet can have viruses and other harmful content embedded in them. We recommend that you edit only the document, if you trust its contents.
The file was received as an Outlook 2010 attachment and your computer policy has defined the sender as unsafe - When you encounter the message in Protected View that states This file originated as an e-mail attachment and might be unsafe. Click for more details., this is because the file was received from a potentially unsafe sender.
The file was opened from an unsafe location - When you encounter the message in Protected View that states This file was opened from a potentially unsafe location. Click for more details. the file was opened from a folder that is unsafe. An example of an unsafe location is your Temporary Internet Files folder.
The file is blocked by File Block
File validation failure - When you encounter a message in Protected View that states Office has detected a problem with this file. Editing it may harm your computer. Click for more details. It has occurred because the file did not pass file validation.
NOTE - You can learn more about file validation failures in Problem detected with a file.
The file was opened in Protected View by using the Open in Protected View option. When you encounter the message in Protected View that states This file was opened in Protected View. Click for more details., this is because you chose to open the file in Protected View. This can be done by using the Open in Protected View option: Click the File tab. In the Microsoft Office Backstage view, click Open. On the Open dialog box, click the arrow on the Open button. From the list, select Open in Protected View. The following image is an example of Protected View appearing when Open in Protected View is selected.
IMPORTANT System administrators can extend the list of potentially unsafe locations to include additional folders also considered unsafe."
We have an application that has been developed by the third party, and I don't want to go back to them to get them to add in cache control for specific pages.
All the pages that need caching disabled are in a single directory.
The issue is that IE seems to not follow Cache-control:nocache properly, so we need to add in Pragma:nocache and cache age as well.
Is there a way to do this using configs in the directory? will it cascade through all child directories? Can it be done via the main web.config?
To be clear, I'm not looking for a way to do this via code, it needs to be via configuration of either IIS or the web.config files.
We're using ASP.NET 2.0 and 4.0, on IIS 6.0.
This can be done in IIS using the UI, it's actually quite easy, or atleast it was in my use case.
All you do is simply open up IIS manager, navigate to the site and then the directory you want to add the headers to Right Click -> properties.
Click the "Headers" tab, and add in the headers you require.
This goes recursively down the child directories, and adds the headers before any added by the code.
In IIS 7.0/7.5, you can use the StaticContent section of a web.config in each of the directories.
You can do that on global.asax
protected void Application_BeginRequest(Object sender, EventArgs e)
{
HttpApplication app = (HttpApplication)sender;
string cTheFile = HttpContext.Current.Request.Path;
if (cTheFile.Contains("/ExtraDir/"))
{
// add your header here
app.Response.AppendHeader("Pragma", "no-cache");
}
//... rest code of...
}
My default document is in subfolder not in root how can i make it default in asp.net 2.0 website.
Tried iis7 default document setting to '/pages/default.aspx'
'~/pages/default.aspx' but it didn't work.
Default document is not the same as start page. Default document means if I requested mysite.com/somefolder and didn't specify a file, which file should IIS display.
If you want to use a specific page as your home page, create a Default.aspx file and write this in it's codebehind class:
public override void ProcessRequest(HttpContext context) {
context.Response.Redirect("pages/default.aspx", true);
}
As the client might have disabled Javascript, a server side approach would be more reliable. However it's best to issue a permanent redirect instead of a simple Response.Redirect. Also doing it using JS will be bad from a SEO point of view.
You don't need to create a dummy Default.aspx page.
In your Global.asax.cs file, write the following:
public void Application_Start(object sender, EventArgs e)
{
var routeCollection = RouteTable.Routes;
routeCollection.MapPageRoute("DefaultRoute", string.Empty, "~/YourDesiredSubFolder/YourDesiredDocument.aspx");
}
Explanation:
Application_Start code is guaranteed to run once and only once on the application start.
The first line of code, gets a collection of the URL routes for your application.
The second line of code, defines a new route pointing to your inner page in the subfolder that you wish.
The second argument is empty to indicate that this route is used when there's no specific page is requested and there's no Default document existing.
Default documents are a subfolder-specific thing - what you're trying to do won't (directly) work. Set up a default.htm file in the root, and have it refresh to your real "home page".
The better question you should be asking is how on Earth your homepage got out of the root directory.
In theory you could have a Web.config file inside the directory and use the defaultDocument element to set the default document. See here: https://stackoverflow.com/a/2012079/125938.
Unfortunately I haven't been able to get it to work myself locally, but that might be because it isn't supported in the Visual Studio development server.
Say "index.html" is the default page you want and it is present in "Public" subfolder.
Instead of specifying "/Public/index.html" as the default site, try "Public/index.html"
Where can I setup custom errors for directories in my application such as App_Code, App_Browsers, etc.? I already have customErrors configured in the web.config and that works as expected. For example,
http://www.mysite.com/bla.aspx > redirects to 404 page
but
http://www.mysite.com/App_Code/ > displays "The system cannot find the file specified."
There's no physical App_Code directory for my site. Is this something that I can change in IIS?
You are trying to server content from an Protected Folder... ??
I think you might need to allow access to these folders to get the nice errors you are looking for...
http://www.webdavsystem.com/server/documentation/hosting_iis_asp_net/protected_folders
That being said... there is a reason these folders are protected.
I would never put anything i needed IIS to serve in protected folders.
But there are always reasons to do do something? i have broke a few rules in my short lifespan :)
UPDATE:
Found this when i tried this locally: http://support.microsoft.com/kb/942047/
Looks like those reserved directories throw special 404's you might be able to get IIS to Target the 404.8 type... with out opening up serving to those directories
I believe you will need to set the error pages in IIS itself, as the requests you talk about never reach the ASP.NET application. The reason your first example works is because IIS recognises the .ASPX extension and forwards it to ASP.NET.
One way is to provide a redirect in the global.asax file:
void Application_Error(object sender, EventArgs e)
{
//uncomment this to narrow down 'helpful' microsoft messages
//HttpRequest request = ((HttpApplication)sender).Context.Request;
Exception ex = Server.GetLastError();
//ErrorManager is a custom error handling module
ErrorManager.ProcessError(ex);
Response.Redirect("~/error.aspx?error=" + HttpUtility.UrlEncode(ex.Message), true);
}
{ On a side note, I was getting an exception that I just couldn't track down - it just said 'file not found' but didn't say which file was missing. It turned out to be a broken image reference in a css file - breaking on line two of the code above helped identify the missing file }
Add a Wildcard Mapping to IIS to run ALL Requests through ASP.net, then you can use Global.asax to handle the error.
Taken from here:
Follow these steps to create a wildcard script map with IIS 6.0:
Right-click a website and select Properties
Select the Home Directory tab
Click the Configuration button
Select the Mappings tab
Click the Insert button (see Figure 4)
Paste the path to the aspnet_isapi.dll into the Executable field (you can copy this path from the script map for .aspx files)
Uncheck the checkbox labeled Verify that file exists
Click the OK button