restrict acces to simple html files

A

Anton Sommer

Hello folks,

I have my security stuff set up and it works fine for all aspx files, so a
user that want to access an aspx file in a certain folder can only access
them when being logged on correctly. But when putting a normal html file
into that folder that is only accessible by logged on users, that very file
can be accessed by everybody, you don`t need to be logged on.
So how can I secure these html files from unauthorized access?

Thank you


Anton
 
C

Chris Jackson

The problem is that you aren't passing over file access to the ASP.NET
runtime - this "handoff" occurs based on file extension, which is why
ASP.NET and ASP Classic can co-exist. Your web.config is never touched,
because the ASP.NET handlers are never invoked. You will need to either
protect using file system ACLs (assuming that you are using Windows
authentication) or else simply change the file extension to aspx on these
HTML files.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

I need help in understanding these files on my phone, Could someone help me understand these files? Urgent help needed. Please help. 1
simple_html_dom: simple use-case - getting a scipt to work 0
Issue with passing fetched data to POST form. How can I? 0
Restrict Access to Aspx Page 6
ASP.NET configuration manager - Acces Data Provider 3
Secure downloadable PDF files 2
Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
Acces files on remote server - problem 3

Members online

No members online now.
Total: 40 (members: 0, guests: 40)
Robots: 651

Forum statistics

Threads
473,769
Messages
2,569,582
Members
45,057
Latest member
KetoBeezACVGummies

Latest Threads

Top