Clever Geek Handbook

What's the difference between the app_data folder in a web application and a website?

I want to ask what is the difference between a folder app_data

in a web application and on the website ...

I want this folder to be protected in the web application because I put a specific file in this folder that only certain users can download.

+3


source to share


3 answers


Preventive action for user verification is valid before download

  • Do not provide Directory Browsing

    Provision to IIS

    .

  • Basically there is a way the user Anonymous/Unauthorized

    can get / download your Authorized File

    . An example . Know the value Query String

    and another user can enter and download it. Thus, there are two ways by which you can prevent an unauthorized user from downloading the file.

    (a) Save Web.Config

    in this folder and determine Roles/Users

    who has access to it.

    (b) In Page Load

    you can check that the opened page is executed with only Authorized user

    .



App_Data

The folder is the same for both types Web Application

as well Web Site

.

+1


source


The App_Data folder is used by ASP.NET to store the local application database, such as the database to maintain membership and role information. There is no difference between app_data folder using web app or website.

Sources:



http://msdn.microsoft.com/en-us/library/ex526337.aspx

http://msdn.microsoft.com/en-us/library/dd547590.aspx

+3


source


As Darren answered, there is no difference.

But for your other use as a secure storage location, it is protected by ASP.NET like the bin folder and users cannot view it.

+1


source






More articles:


All Articles