How do I secure URLs in .NET?
How do I secure URLs in .NET?Let's say a user 'One' can open this pdf: http://www.someUrl.com/1.pdfbut when he manually changes the URL to http://www.someUrl.com/2.pdf I want to display the errorPdf page or something like this? Any ideas on how to do it?Thanks
What exactly do you want to do, to protect some of the files from particular users access?
RegardsWindows Hosting ASP.NET | Top ASP.NET Hosts | Dedicated Windows Hosting
My user 'One' can only see the report ...form security against security
i have a form in my website which is to be filled by user and that form stores in database(sql server 2005).
but someone told me that anyone can run script in textboxes in that form and can damage database,
so how to avoid such security lack.
it is common practice to use parameterized sql statements or stored procs to insure you are protected from sql injections attacks.
if you concatenate user input directly into a sql statement, then you are at risk.Mike Banavige~~~~~~~~~~~~Need a site code sample in a different language? Try converting it with: http://converte...non .net form issue within a .net form tag
this may be a bad question...
but I am adding a shopping cart to my asp.net website and it calls for the following code for the 'buy now' buttons:
<form method="POST" action=http://www.cart.net/cart.aspx/CartName><input type="hidden" name="ID" value="IDName"><input type="hidden" name="Describe" value="IDName Description"><input type="hidden" name="Price" value="100.00"><input type="hidden" name="QtyMax" value="1"><input t...Implementing .Net Form into an APS.net web form, can this be done
I am new here, but have been searching for a while, and may not have the correct lingo to find what I am looking for.
I am tasked with implementing a .exe application that was writen vb6 then converted to .net into a new website my team is developing. The idea is to put each of the 3 different forms in this .exe application of 3 different .aspx pages. I have attempted multiple things to get this into the page and even started to just rewrite it as an ASP.net web form, but even then I can't reuse any of the code since the System.Web.UI.Page doesn't inherit the sa...URL rewritting, compression and forms auth
I'm using custom httpmodule to add compression to web pages. I want to
also use url rewritting. I also don't want to make problems with my
forms authentication system.
Will I mess anything with forms auth by using custom BeginRequest for adding compression?
What is the best way to implement both? Maybe I should just use custom login system and forget about forms auth?
...Securing the urls to the secure pages
I write in the address bar:
And I am able to see it. It there anyway that I can make this folder "Admin" secure.
HighOnCodingWanna get high!
Use forms authentication and don't allow annonymous access to that folder. This can easily be done by making few changes in web.config file
Hope this helps
Sunny NAGIProper Preparation Prevents Poor PerformanceDont forget to click "Mark as Answer" on the post that helped you....Using Forms Auth to secure the /members directory
After I place the following Web.Config file in the /members directory...
<?xml version="1.0" encoding="utf-8" ?>
<forms name="ToDoMembers" path="/" loginUrl="login.aspx" protection="All" timeout="30">
<deny users=&quo...How to Store image url form .net to xml
hi i my web page i am list out some images. when i click button. i want sote the listed images url in xml. how to do this? give me some source
If your image list is retrieved in a dataset, you could simply use the dataset's WriteXml method to write the xml to the response stream. i.e.:MyDataSet.WriteXml(Response.OutputStream); My Blog
Hi, string filename = "pincodedata.xml"; XmlDocument xmlDoc = new XmlDocument(); XmlTextWriter xmlWriter = new XmlTextWriter(Server.MapPath("xml\\" + filename), System.Text.Encoding.UTF8); ...dot net site with forms Auth. with a Virtual Directory???
What's the deal?
Ok, I have a small asp.net app running on my home website. If I allow access to subdirectories under the main directory, everything works great. BUT...If I set up a virtual directory somewhere else on my server (and give rights to that directory for "everyone" and the aspnet web user) the app fails when trying to connect to that directory. I even added "directory browsing" and it still fails.
I'm using Forms authentication, and, like I said, if I move the dir where my app is, everything works great. SO, my question is: If I want to set up a virtual ...How to secure certain file types using Forms Auth?
right i am trying to prevent direct access to files in a certain folder without being authorised. e.g.
I have a root web config which:
<location path="secure" inheritInChildApplications="false"> <system.web> <authorization> <deny users="?" /> </authorization> </system.web> </location>
<authentication mode="Forms"> <forms name=&qu...Using Forms Auth to secure just one directory.
I think this is a fairly easy question but I can't find the answer anywhere.
I want to leave the root directory of my application open to the world, but secure the /members directory using Forms Auth with a db. How can I secure just one directory instead of the entire application using the Web.Config file?
Did you check the answer I gave!?
view post 307733Thanks,Teemu KeiskiFinland, EU
Yes, but I did't really understand your answer and I thought that maybe I had asked the question in the wrong way. I just want to secure one directory, not the entire app. Can I d...secure pdf using form auth gives strange errors
Hello, I've googled this extensively but haven't been able to find an answer to this question.Also not through the post on this forum: http://forums.asp.net/p/1020158/1378995.aspx#1378995
Having a website working with forms authentication to force a disclaimer agreement I stumbled upon the following.Users could just type in the direct url to a pdf file and then still obtain it.
So following this guide: http://geekswithblogs.net/ranganh/archive/2005/04/25/37592.aspx I was able to successfully force a redirect to the login form.
However when I tried to approach the pdf file after (s...Could PB .NET Web Form POST security Information to others web page??
This is a multi-part message in MIME format.
Have anyone came across the requesion to POST security informations from =
PB .NET web form web page to other web site??
I have tried many datys, Could any kind man give me some suggessions??
thanks & Best regards
<!DOCTYPE HTML P...URL Rewrite with URL Rewriter for .NET
I am trying to set up the URLRewriter for .NEt and am having trouble setting it up.The code I have in my web.config has all the code in the right place and The following is the URL rewrite rules:<rewriter> <rewrite url="/forums/(.+)/$" to="/forums/ViewForum.aspx?forum=$1" /> <rewrite url="/forums/(.+)/(.+)/$" to="/forums/ViewTopic.aspx?forum=$1&topic=$2" /> &nb...