Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Say I have this url:
http://site.example/dir/
In this folder I have these files: test.ascx.cs and test.ascx
Just to be clear, I am not a .NET developer.
From a security point of view – why can’t I access http://site.example/dir/test.ascx.cs and how secure is it to keep those files there?
I assume IIS filters out request that query these kind of files, but can someone explain me this?
Thank you.
When you register ASP.NET with IIS (aspnet_regiis.exe) it will add common extensions and associate them with the ASP.NET handler. As far as the
.csextension is concerned it is filtered and not served by IIS. It is absolutely safe to have these files there, but I would recommend you to use an ASP.NET application project (in contrast to ASP.NET website) which is precompiled and you don’t need to deploy source code files on your server.(source: wewill.cn)