I have 4 independent ASP websites deployed in IIS server.
I access my website images using relativePath so i have root/path_to_files (something like that).
My problem is i want to access website1 images folder from website2 and so on, web3 access web4 (you get the picture).
I tried absolutePAth but security reasons (not safe) blocked me.
I`m reading the name and path of the repositories from a file.
What can I do, without remaking all or create a central repository(and upload all files there).
EDIT 1: using url is locked but i can unlock.
I can use url to get/list folders and images and use them ? Like resolve a url in a relativePATH to other website?!
Central repository the site is allready in production it will have big impact time/benfit to do that.
Have you considered symbolic links? You can make a shared image folder. Then each folder can see that "image" folder as its own.
Related
This relates to my previous post.
https://stackoverflow.com/questions/45937117/c-sharp-unbale-to-access-
downloads-folder?noredirect=1#comment78832001_45937117
What I want is to access "Downloads" folder from an ASP.Net web application.
string pathUser =
Environment.GetFolderPath(Environment.SpecialFolder.UserProfile);
string pathDownload = Path.Combine(pathUser, "Downloads");
string commentImagePath =pathDownload +"\\test.png";
Then I realized that the above code works in a Desktop application.
That is the UserProfile is available in that "Environment", but not in the web application's environment.
I have some download happening, and the content will be downloaded to the "Downloads" folder.
That is why I need the "Downloads" folder . I need to access that content.
Please help me with this.
Think that the Downloads folder is different for each user in the system , so you'll get c:\users\usera\downloads and c:\users\userb\downloads. So when you mean Downloads, you actually mean a different physical path.
At the same time, your ASP .NET application, if hosted in IIS will impersonate a specific user, so make sure that user has enough privileges to the path of interest. Also consider that the Downloads folder might be a folder that Windows will protect by default from being accessed across accounts.
I think you'd be better off saving files to a specific folder relative to your root of the website. Otherwise try to map specific folders from your drive as a Virtual Directory in IIS so the site would see it as relative to root, whilst in reality it lives somewhere else.
I have one website created in IIS and the root web-share has some sub-folders for stroring html files.
However, user is able to access the html files if they know the file Path for example : www.test.com\html\Page1.html
Is there any way to disable direct access for this ?
Please note that this application is hosted on IIS 7.5 and is .net application
If you really don't want end users to access them, having them under the wwwroot folder is a risk.
Move the whole structure of folder and files that you want to "hide" out of the root of your website.
You might be able to use the location tag in the web config to restrict access to certain users or roles.
https://support.microsoft.com/en-gb/help/316871/how-to-control-authorization-permissions-in-an-asp.net-application
I had a site in which all the images are inside a sub directory in my site. But I need to save those pictures in a specific directory and I need to show the in a client application which holds my page url.
for example: I had an url, http://foo.example.com/images/happy.jpg
the site is in c:/Example.
i'll store the images in c:/Images/categories/category1/happy.jpg
if my client request the above url, I need to redirect it to the image in the folder, where I kept all my images.
can somebody say is this possible? If possible, please suggest a way to accomplish this through url routing
The easiest way to accomplish this is to add a virtual directory to your IIS configuration for the folder where the images are held. Once the virtual directory is added you can reference the files via a URL to the virtual path. This is the best way in a production enviroment.
Technet step by step guide to adding a virtual directory
As for no authorization, you should select "Application User" (pass-through authentication). If you nest the new virtual directory inside the application's VD, you may need to add a web.config file to the virtual directory to override any authorization/deny rules in the root web.config file.
For local debugging, if the images are on your local PC, you can use a file:/// url replacing c:\ with file:/// and forward slashes instead of back slashes for the rest of the path. Don't forget to escape the slashes in the code behind by using "#".
Alternatively, a more involved solution would be configuring local IIS similar to above and using local IIS instead of the ASP.net runtime server which uses localhost:port using the link above and configuring your project to use IIS. If you are building this project over a long period of time local IIS makes the most sense. Short projects can be easily done without local IIS.
How to configure a project to use Local IIS for debugging
I have a ASP.Net website and in some cases it's generating .pdf-files and .csv files for users to download.
Now my question: What is the default directory for saving that files on the webserver? Is there any ASP.NET Folder like App_... or something like that?
What can you recommend?
If you don't want to reuse the files, stream the files directly without saving it to disk.
If you save it to disk you have to ask yourself if the content of the file is to be available to all users or if it's a bad idea that other users can access the files. If it's a bad idea, the folder you put the files in should be made unavailable to the users by setting access rights correspondingly. You can either do this by putting the folder outside of the web site directory or by setting security settings in the file system or on the web server.
You can basically put the files in any folder that is made writable for the user writing the file (typically the ASP.NET App Pool user). IIRC the App_data folder is writable by default for the ASP.NET user, so that could be a candidate.
You can create your proper folder for this need
Here list of specific Folder (But you don't need):
App_GlobalResources,
App_LocalResources,
App_Resources
App_Themes
App_WebReferences)
App_Code
App_Data
App_Browsers
Here MSDN link about project structure
Link : http://msdn.microsoft.com/en-us/library/ex526337%28v=vs.100%29.aspx
It's really up to you! I would recommend you put them in a sub folder of your solution so that they are self contained and you can easily control security without worrying about folders further down the tree.
Folder is anything you tell it to be. If you have low volume you could just stream the files from memory so they're not stored on the server.
It is also important that you consider whether you are going to have more than one web server, and have servers in a cluster. To be ready for such a case, it is better not to keep the files under the web application folder, and not to access them relatively to the application path, but keep the files in a separate folder that you could easily expose (there will still be security issues) as a network path.
This isn't a very complicated scenario really, but as I start to type out the problem I'm realizing how convoluted it can become textually. Let me try and be very clear:
First, the set up...
I have a C#/ASP.NET web application that is publicly facing on my main domain (www), let's call it www.mysite.com. Nothing fancy, just a front-end that connects to SQL to display records.
Then, I have a second C#/ASP.NET web application that is secured using forms authentication running on a subdomain, let's call it admin.mysite.com. This is a very light-weight CMS system to administer the public site.
Now, the problem...
Both of these sites run fine for basic tasks, however, my problem arises when I try to gain access to the file system for uploading. My webhost requires subdomains to run as a virtual directories under the main application in IIS (so the subdomains actually resolve/re-direct to www.mysite.com/admin when you type in admin.mysite.com), but because of this I am unable to write to my website root from the subfolder.
Let me explain a little more...
The CMS system (running as a virtual directory) gives the admin the ability to upload photos for display on the main site, the target folder of which is www.mysite.com/images - when attempting disk access from the root app, I am able to write to the virtual directory, but cannot do the opposite -- that is, write to the root from the virtual directory, getting security violations. If I can only upload to the /admin/ virtual directory, the entire point is moot because it's a secured folder that the public can't see!
The only solution I can think of is to upload the files to the /admin/ virtual directory, then call a URL in the root that moves files from /admin/ back to the root, but that is entirely ghetto.
I hope this post makes sense. Anyone else experience anything like this? The bottom line is that it seems virtual directories ONLY have access to themselves, and not their parent directories, no matter what credentials are used.
Thanks!
Somewhat unrelated to your question.
GoDaddy is not a great host due to things like you have stated. I recently went on the search for a host and wholeheartedly recommend JodoHost.com.
Some post I wrote on the matter:
http://www.ocdprogrammer.com/post/2009/12/16/The-search-for-a-web-host.aspx
http://www.ocdprogrammer.com/post/2010/01/03/JODOHostcom.aspx
However, the behavior you are seeing seems very normal to me. A sub domain not being able to access the root domain. Though with a dedicated server you could overcome this, but one of the drawbacks of a shared host.
In that case, I think I would consider using a database.
Here's how I would do it:
The files are uploaded into the /admin directory
The admin app writes the URL of the file into the database that it shares with the root app
The root app loads the URL from the database and uses it to point to the file.
I think that is the best way to approach it, under such circumstances.
You could put a webservice in your root domain "www.yoursite.com" that will receive a stream and will save this stream to disk as file. (this webservice could receive three parameters: the stream, the name of the desireed file on disk, and eventually the destination folder for the file so it will be a multi-purpose write file system)
Later, in your subdomain "subdomain.yoursite.com" you could consume the webservice (when you
upload a file, convert to stream, and send it to the webservice hosted in the root site with
appropiate parameters).