|
Disabling direct HTTP access to certain folders on server
Hi
I am using .Net Framework 1.1. There are some XSL files in a folder of my web application. I want to restrict a user from directly accessing these files - e.g. I want to display a forbidden page when he types the URL http://Myserver.com/MyApp/XMLFolder/pqr.xsl However the ASP.Net application should be able to access these files i.e. it should be able to apply the XSL Stylesheets to the corresponding XML files. It would be a great help if someone could let me know how to do the same Thanks Vikas |
Re: Disabling direct HTTP access to certain folders on server
Hi,
find more info here: http://www.leastprivilege.com/Protec...hASPNET20.aspx http://www.leastprivilege.com/MoreOn...hASPNET20.aspx in your case you only have to map the .xsl extension in iis to aspnet_isapi and put a HttpNotFoundHandler in place... --------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.com > Hi > I am using .Net Framework 1.1. There are some XSL files in a folder of > my > web application. I want to restrict a user from directly accessing > these > files - e.g. I want to display a forbidden page when he types the URL > http://Myserver.com/MyApp/XMLFolder/pqr.xsl > However the ASP.Net application should be able to access these files > i.e. it > should be able to apply the XSL Stylesheets to the corresponding XML > files. > It would be a great help if someone could let me know how to do the > same > Thanks > Vika |
Re: Disabling direct HTTP access to certain folders on server
Hi Dominick
I tried that - but the problem is that this prevents the xsl file being applied to the corresponding xml file. Actually, let me clarify. There is a static aspx page, which contains an iframe that hosts the xml. The xsl is applied to this xml. If I apply an HttpForbiddenHandler to xsl files, the stylesheet doesnt get applied at all and the frame displays "Cannot view XML input using XSL style sheet". Thanks in advance. Vikas "Dominick Baier [DevelopMentor]" wrote: > Hi, > > find more info here: > > http://www.leastprivilege.com/Protec...hASPNET20.aspx > http://www.leastprivilege.com/MoreOn...hASPNET20.aspx > > in your case you only have to map the .xsl extension in iis to aspnet_isapi > and put a HttpNotFoundHandler in place... > > --------------------------------------- > Dominick Baier - DevelopMentor > http://www.leastprivilege.com > > > Hi > > I am using .Net Framework 1.1. There are some XSL files in a folder of > > my > > web application. I want to restrict a user from directly accessing > > these > > files - e.g. I want to display a forbidden page when he types the URL > > http://Myserver.com/MyApp/XMLFolder/pqr.xsl > > However the ASP.Net application should be able to access these files > > i.e. it > > should be able to apply the XSL Stylesheets to the corresponding XML > > files. > > It would be a great help if someone could let me know how to do the > > same > > Thanks > > Vikas > > > |
Re: Disabling direct HTTP access to certain folders on server
well - if you need to access the .xsl from "outside" the web server this
won't help you. --------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.com > Hi Dominick > I tried that - but the problem is that this prevents the xsl file > being > applied to the corresponding xml file. > Actually, let me clarify. There is a static aspx page, which contains > an > iframe that hosts the xml. The xsl is applied to this xml. > If I apply an HttpForbiddenHandler to xsl files, the stylesheet doesnt > get > applied at all and the frame displays "Cannot view XML input using XSL > style > sheet". > Thanks in advance. > Vikas > "Dominick Baier [DevelopMentor]" wrote: > >> Hi, >> >> find more info here: >> >> http://www.leastprivilege.com/Protec...cesWithASPNET2 >> 0.aspx >> http://www.leastprivilege.com/MoreOn...ourcesWithASPN >> ET20.aspx >> >> in your case you only have to map the .xsl extension in iis to >> aspnet_isapi and put a HttpNotFoundHandler in place... >> >> --------------------------------------- >> Dominick Baier - DevelopMentor >> http://www.leastprivilege.com >>> Hi >>> I am using .Net Framework 1.1. There are some XSL files in a folder >>> of >>> my >>> web application. I want to restrict a user from directly accessing >>> these >>> files - e.g. I want to display a forbidden page when he types the >>> URL >>> http://Myserver.com/MyApp/XMLFolder/pqr.xsl >>> However the ASP.Net application should be able to access these files >>> i.e. it >>> should be able to apply the XSL Stylesheets to the corresponding XML >>> files. >>> It would be a great help if someone could let me know how to do the >>> same >>> Thanks >>> Vikas |
| All times are GMT. The time now is 02:26 AM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.