S
scottrm
In classic asp you could help mitigate file traversal problems by uncheking the allow parent paths option in IIS home directory/configuration/options which disallowed the use of the ../ syntax. However this does not seem to work in asp.net, any way to enforce this? Also does anyone know a good way to avoid using the ../ syntax for links apart from hard coding the full url path