I am posting this thread for a problem that I got in trouble, reading the paragraph Making Static Files Secure pg. 213
I have put the two .txt files, Example1.txt and Example2.txt in the App_Data folder.
Then I requested the default page and I selected to from the dropdownlist the Example1.txt.
I got the http://localhost:53557/UsingFileSyst...e=example1.txt
and then I changed the URL, as follows
~/App_Data/example1.txt and I got the content of the example1.txt file !
My problem is that according to the book, on page 213
"The App_Data folder is configured so that any file it holds cannot be accessed via the browser" !
The code in the getfils.aspx.cs file is the following:
public partial class getfile : System.Web.UI.Page
protected void Page_Load(object sender, EventArgs e)
//string filename = Path.GetFileName(Request.QueryString["filename"]);
//FileInfo file = new FileInfo(Server.MapPath(Path.Combine("App_Data", filename)));
string filename = Request.QueryString["filename"];
FileInfo file = new FileInfo(Server.MapPath(filename));
I would like to thank you in advance for any response!