What's the difference between app_data folder in web application and in web site?
Question
I want to ask what the difference is between the app_data folder in a web application and in a web site .
I want to make sure that this folder is secure in web application because I put specific file in this folder which specific users only can download it.
3 answers
solution1
3 2012-04-04 07:33:19
The App_Data folder is used by ASP.NET to store an application's local database, such as the database for maintaining membership and role information. There is be no difference between the app_data folder using a Web App or a Web Site.
Sources:
solution2
1 2012-04-04 07:45:43
As Darren answered, there is no difference.
But to your other point of using it as a secure storage location, it is protected by ASP.NET, much like the bin folder, and users cannot browse to it.
solution3
1 ACCPTED 2012-04-11 15:49:29
Preventive Action to check the user is valid before downloading
Do not give the
Directory BrowsingProvision inIIS.There is basically a way in which the
Anonymous/Unauthorizeduser can Access/download yourAuthorized File. Example - You know theQuery StringValues and other user can type and download it. So, there are two ways by which you can prevent unauthorized User to download file.(a) Keep the
Web.Configin this folder and define theRoles/Userswhoever can access it.(b) In the
Page Load, you can check the page being opened is being done by theAuthorized useronly.
App_Data Folder is same for both types Web Application as well as Web Site .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.