C
Chris Hughes
Can someone please advise whether it is possible for a HTTP handler
(IHttpHandler) to consume HTTP PUTs without having to set both write
and execute permission on the IIS virtual dir?
I have an environment with files being uploaded to an IIS server via
HTTP PUT. I have implemented a HTTP handler to consume the PUTs, to
avoid disk I/O on the server, but this only works when both write and
execute permission are granted on the IIS virtual dir. This raises
serious security concerns.
I suspect that the problem lies in the use of PUT instead of POST.
Unfortunately, the choice of protocol is part of a legacy codebase,
that I am unable to change.
Please let me know if it is possible do this and, if so, what I am
doing wrong.
Many thanks,
Chris Hughes
(IHttpHandler) to consume HTTP PUTs without having to set both write
and execute permission on the IIS virtual dir?
I have an environment with files being uploaded to an IIS server via
HTTP PUT. I have implemented a HTTP handler to consume the PUTs, to
avoid disk I/O on the server, but this only works when both write and
execute permission are granted on the IIS virtual dir. This raises
serious security concerns.
I suspect that the problem lies in the use of PUT instead of POST.
Unfortunately, the choice of protocol is part of a legacy codebase,
that I am unable to change.
Please let me know if it is possible do this and, if so, what I am
doing wrong.
Many thanks,
Chris Hughes