I am looking for a solution to the following problem: I have a an aspx/vb web application. Users can create some custom content that stored in XML files. I was creating, updating and saving the XML via postback to a folder in the app (not App_Data because I use javascript to read the xml files). Of course this is fine in testing on my machine, but when testing it live on the server, the I get write permission error. I have searched around. Most answers about folder permissions are about trying to give the web app permission to write locally. The few questions that resembled mine stated that it is a security issue to allow the web app to write to a folder other than App_Data. However, this will not work for me because I need JS to read the file. If I have to do a post back just to read the xml from the App_Data, I would have about 5 post-backs to make a selection (the user filters a curriculum document by selecting from a few dropdowns).
Basically, can I give permission to have the VB app write XML files to a web app folder on the server so that the JS can read the XML files? By the way, only authenticated have access to the web app.
The other option would be to save the xml file in the DB, then, on load, write the xml to a hidden div and use JS to read it from there. I don't like that option, as some of these xml file could get large over time. Any guidance would be helpful. Thank you
Technically you can set permissions so that you can write to a folder, but it is not the most secure option and I wouldn't recommend it.
I would use a generic handler (ashx file) to serve the contents of the XML files that are stored in App_Data instead. You can then request the individual fies by passing their names or ids through querystring parameters on the handler, such as: http://localhost/xmlhandler.ashx?name=myxmlfile
Here's an example of a handler in VB.NET that would serve the XML from App_Data/XMLFolder/:
Imports System.Web
Imports System.Web.Services
Imports System.IO
Public Class XMLHandler
Implements System.Web.IHttpHandler
Sub ProcessRequest(ByVal context As HttpContext) Implements IHttpHandler.ProcessRequest
context.Response.ContentType = "text/xml"
context.Response.Write(ReadXMLFile())
End Sub
Private Function ReadXMLFile() As String
Try
Using sr As New StreamReader(HttpContext.Current.Server.MapPath("~/App_Data/XMLFolder/" & HttpContext.Current.Request.QueryString("name") & ".xml"))
Dim line As String
line = sr.ReadToEnd()
Return line
End Using
Catch e As Exception
Return "The xml file could not be read."
End Try
End Function
ReadOnly Property IsReusable() As Boolean Implements IHttpHandler.IsReusable
Get
Return False
End Get
End Property
End Class
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.