How do I restrict access to files with specific extensions in ASP.NET?
I have in my web application an ADO.NET Entity-Framework *.edmx file.
When I browse in the browser (when the application is running) to an edmx file, it doesn\'t sho
-
You should map the extension to the ASP.NET's
System.Web.HttpForbiddenHandlerclass inweb.config. If you are using IIS6, before you could do that, you should have mapped the extension to ASP.NET ISAPI handler.IIS7 Integrated Mode:
<system.webServer> <handlers> <add name="MyForbiddenExtensionHandler" path="*.edmx" verb="*" type="System.Web.HttpForbiddenHandler" preCondition="integratedMode" /> </handlers> </system.webServer>IIS7 Classic Mode. Something like:
<system.web> <httpHandlers> <add path="*.edmx" verb="*" type="System.Web.HttpForbiddenHandler, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </httpHandlers> </system.web> <system.webServer> <handlers> <add name="MyExtensionISAPI" path="*.edmx" verb="*" modules="IsapiModule" scriptProcessor="C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" /> </handlers> </system.webServer>IIS6 (after mapping the handler to
aspnet_isapi.dllin IIS6 configuration):<system.web> <httpHandlers> <add path="*.edmx" verb="*" type="System.Web.HttpForbiddenHandler, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </httpHandlers> </system.web>讨论(0) -
You can do this two ways; firstly in the web.config or secondly in IIS
<system.web> <httpHandlers> <add verb="*" path="*.edmx" type="System.Web.HttpForbiddenHandler" /> </httpHandlers> </system.web>Here's a link to a microsoft support page that details how to do it in the web config and IIS.
http://support.microsoft.com/kb/815152
讨论(0)
加载中...
- 热议问题