----------------------------------------------------------- New Message on BDOTNET
----------------------------------------------------------- From: Arun Raj.C Message 1 in Discussion Hi, We all know that XML is a standard format most of the sites use for managing content. Most of the sites use xml for storing data and use XSL and other stylesheets for displaying the data. The XML files can be browsed as well as a standard web page and the XML format is rendered in the browser. However, if we would like to deny users from viewing our xml format and data by directly browsing the xml file, we can use the HTTP Handlers effectively. The HTTP Handlers provide the flexibility to handle different extensions on how they are rendered and to deny access to them. To deny access to an xml or other static file, the following steps would help 1. Add the following code to your web.config file within the <system.web> & </system.web> tags. <httpHandlers> <add verb="*" path="*.xml" type="System.Web.HttpForbiddenHandler"/> </httpHandlers> 2. In the IIS, right click on your virtual directory and then click properties. 3. Click on the Configuration Button. 4. There will be a list of extensions and the executable paths. 5. Click "Add" and then in the dialog box which opens, browse the location %windir%\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll in the "Executable" box 6. Enter the extension i.e. .xml for xml files in the textbox "Extension" 7. In the "Verbs" radio button, click on "Limit to" and enter "GET,HEAD,POST,DEBUG" 8. Cick "Ok" then click "Apply" and then "Ok" two times. 9. Now if you try to browse the xml file within that application, you will a "This type of page is not served". 10. The same can be accomplished at the system level by adding the Handlers in the machine.config's http handler section. That will apply for all the asp.net applications running on that system. 11. This method is useful when we want to restrict access for certain static files like the above example. Comments are welcome. Warm Regards Arun Raj.C ----------------------------------------------------------- To stop getting this e-mail, or change how often it arrives, go to your E-mail Settings. http://groups.msn.com/BDotNet/_emailsettings.msnw Need help? If you've forgotten your password, please go to Passport Member Services. http://groups.msn.com/_passportredir.msnw?ppmprop=help For other questions or feedback, go to our Contact Us page. http://groups.msn.com/contact If you do not want to receive future e-mail from this MSN group, or if you received this message by mistake, please click the "Remove" link below. On the pre-addressed e-mail message that opens, simply click "Send". Your e-mail address will be deleted from this group's mailing list. mailto:[EMAIL PROTECTED]
