ASP.Net - Unable to access Downloads folder from a web application - c#

This relates to my previous post.
https://stackoverflow.com/questions/45937117/c-sharp-unbale-to-access-
downloads-folder?noredirect=1#comment78832001_45937117
What I want is to access "Downloads" folder from an ASP.Net web application.
string pathUser =
Environment.GetFolderPath(Environment.SpecialFolder.UserProfile);
string pathDownload = Path.Combine(pathUser, "Downloads");
string commentImagePath =pathDownload +"\\test.png";
Then I realized that the above code works in a Desktop application.
That is the UserProfile is available in that "Environment", but not in the web application's environment.
I have some download happening, and the content will be downloaded to the "Downloads" folder.
That is why I need the "Downloads" folder . I need to access that content.
Please help me with this.

Think that the Downloads folder is different for each user in the system , so you'll get c:\users\usera\downloads and c:\users\userb\downloads. So when you mean Downloads, you actually mean a different physical path.
At the same time, your ASP .NET application, if hosted in IIS will impersonate a specific user, so make sure that user has enough privileges to the path of interest. Also consider that the Downloads folder might be a folder that Windows will protect by default from being accessed across accounts.
I think you'd be better off saving files to a specific folder relative to your root of the website. Otherwise try to map specific folders from your drive as a Virtual Directory in IIS so the site would see it as relative to root, whilst in reality it lives somewhere else.

Related

Asp.NET: How to send files located in a share

I'm developing an ASP.NET (webforms) web application only for our intranet company.
I've a network share / repository, say Z:\MyRepository\ , obviously outside c:\inetpub\wwwroot.
I need to "serve" these files from my web application.
My question is:
Which permissions I need to add to Z:\MyRepository\ . IIS_USR ? Others ?
How to send file ? Using Response.Transmit ?
Thanks
Normally the app pool user which your application is running under will be the user which needs access on the file share.
To simplify things in your application, you could also create a virtual directory in IIS and map it to the file share. This has a number of advantages, but mainly:
It makes it simpler to reference files from within the application.
If the network path changes, you only need to update your virtual directory.
You can also specify a different user for the virtual directory to use.

Block direct access to HTML pages

I have one website created in IIS and the root web-share has some sub-folders for stroring html files.
However, user is able to access the html files if they know the file Path for example : www.test.com\html\Page1.html
Is there any way to disable direct access for this ?
Please note that this application is hosted on IIS 7.5 and is .net application
If you really don't want end users to access them, having them under the wwwroot folder is a risk.
Move the whole structure of folder and files that you want to "hide" out of the root of your website.
You might be able to use the location tag in the web config to restrict access to certain users or roles.
https://support.microsoft.com/en-gb/help/316871/how-to-control-authorization-permissions-in-an-asp.net-application

Access a website folder from another website in the same IIS

I have 4 independent ASP websites deployed in IIS server.
I access my website images using relativePath so i have root/path_to_files (something like that).
My problem is i want to access website1 images folder from website2 and so on, web3 access web4 (you get the picture).
I tried absolutePAth but security reasons (not safe) blocked me.
I`m reading the name and path of the repositories from a file.
What can I do, without remaking all or create a central repository(and upload all files there).
EDIT 1: using url is locked but i can unlock.
I can use url to get/list folders and images and use them ? Like resolve a url in a relativePATH to other website?!
Central repository the site is allready in production it will have big impact time/benfit to do that.
Have you considered symbolic links? You can make a shared image folder. Then each folder can see that "image" folder as its own.

ASP.NET Website where to save generated files

I have a ASP.Net website and in some cases it's generating .pdf-files and .csv files for users to download.
Now my question: What is the default directory for saving that files on the webserver? Is there any ASP.NET Folder like App_... or something like that?
What can you recommend?
If you don't want to reuse the files, stream the files directly without saving it to disk.
If you save it to disk you have to ask yourself if the content of the file is to be available to all users or if it's a bad idea that other users can access the files. If it's a bad idea, the folder you put the files in should be made unavailable to the users by setting access rights correspondingly. You can either do this by putting the folder outside of the web site directory or by setting security settings in the file system or on the web server.
You can basically put the files in any folder that is made writable for the user writing the file (typically the ASP.NET App Pool user). IIRC the App_data folder is writable by default for the ASP.NET user, so that could be a candidate.
You can create your proper folder for this need
Here list of specific Folder (But you don't need):
App_GlobalResources,
App_LocalResources,
App_Resources
App_Themes
App_WebReferences)
App_Code
App_Data
App_Browsers
Here MSDN link about project structure
Link : http://msdn.microsoft.com/en-us/library/ex526337%28v=vs.100%29.aspx
It's really up to you! I would recommend you put them in a sub folder of your solution so that they are self contained and you can easily control security without worrying about folders further down the tree.
Folder is anything you tell it to be. If you have low volume you could just stream the files from memory so they're not stored on the server.
It is also important that you consider whether you are going to have more than one web server, and have servers in a cluster. To be ready for such a case, it is better not to keep the files under the web application folder, and not to access them relatively to the application path, but keep the files in a separate folder that you could easily expose (there will still be security issues) as a network path.

"Access to path denied" - Creating directory in different website but on same server

In my asp.net application, I'm trying to save a file in a different directory but on the same server and I keep getting a "Access to the path '\\12.34.56.78\d$\blah\subdomains\static\httpdocs\images\upload' is denied.
Both sites run under the same application pool on IIS7. I've added modify permissions on the Images folder for IUSR and Network Service and no change. I also added Full control for Everyone on that folder, but still nothing.
Is there something else I need to amend when uploading files to a location on the server that sits outwith the website? Would FTP be a better solution?
Thanks
EDIT Retrying this answer as the original was on a phone and almost unintelligible.
The path you are providing indicates you are trying to create folders and files via UNC path names within your application. This is not advisable. Typically, only members of a local or domain administrators group are going be authorized to access anything through that administrative share, meaning that permission tweaks to lower-level folders won't solve the problem if the core issue is access through the D$ share itself.
If you are attempting to create folders on the same physical machine, I would recommend that you simply use the machine-specific path, eg D:\folder1\folder2\etc, rather than the UNC path. Also, as an additional point (which I"m assuming is simply a typo), the UNC path provided starts with only a single slash, rather than the normal two slashes, eg \\12.34.56.789\D$...

Categories