Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I want to ask what the difference is between the app_data folder in a web application and in a web site .
I want to make sure that this folder is secure in web application because I put specific file in this folder which specific users only can download it.
Preventive Action to check the user is valid before downloading
Do not give the
Directory BrowsingProvision inIIS.There is basically a way in which the
Anonymous/Unauthorizeduser can Access/download yourAuthorized File. Example – You know theQuery StringValues and other user can type and download it. So, there are two ways by which you can prevent unauthorized User to download file.(a) Keep the
Web.Configin this folder and define theRoles/Userswhoever can access it.(b) In the
Page Load, you can check the page being opened is being done by theAuthorized useronly.App_DataFolder is same for both typesWeb Applicationas well asWeb Site.