create an ASP.NET page dynamically and save to web server

  • Thread starter Thread starter Joe Bonavita
  • Start date Start date
J

Joe Bonavita

Is there a way to create a page dynamically and save it back to the web
server? I need to be able to create custom pages for people.

Thanks,
Joe
 
Hi

You can do that, but you would need to have write permission on that directory, which is a potential attack point. So, make sure you do it. If you are use u can do it by creating a new file with extension whatever u want, and writing it in a proper structure.

Regards,
Bhaskardeep Khaund
 
Now I have to deal with the write problem to the server.
If I try and write the file it prompts me for the user/pw for the server. Of
course this isn't what I want.

I thought that as long as ASPNET user has access this will work. Is this not
correct?
 
Hi

Set write permission for the user MACHINE\IUSER_MACHINE for that particular directory.

Bhaskardeep Khaund
 
Does MACHINE refer to the machine the server is running on? Does this cause a big security risk?

Hi

Set write permission for the user MACHINE\IUSER_MACHINE for that particular directory.

Bhaskardeep Khaund
 
Hi,

MACHINE refers to ur machine name. Yes, write permission can create a backdoor, b'coz anybody can upload an exe file and run it.

Bhaskardeep

Does MACHINE refer to the machine the server is running on? Does this cause a big security risk?

Hi

Set write permission for the user MACHINE\IUSER_MACHINE for that particular directory.

Bhaskardeep Khaund
 
So what would be another way of doing this? I know a lot of web sites create pages on the fly and email a link to this new page that expires in a given length of time.

Hi,

MACHINE refers to ur machine name. Yes, write permission can create a backdoor, b'coz anybody can upload an exe file and run it.

Bhaskardeep

Does MACHINE refer to the machine the server is running on? Does this cause a big security risk?

Hi

Set write permission for the user MACHINE\IUSER_MACHINE for that particular directory.

Bhaskardeep Khaund
 
This can be done with a HttpHandler that dynamically creates a page that can expire, and/or only allow certain users to see the page. You can pretty much do whatever you want with the HttpHandler. That link can be sent to the HttpHandler page which would enforce the expiration rule.
So what would be another way of doing this? I know a lot of web sites create pages on the fly and email a link to this new page that expires in a given length of time.

Hi,

MACHINE refers to ur machine name. Yes, write permission can create a backdoor, b'coz anybody can upload an exe file and run it.

Bhaskardeep

Does MACHINE refer to the machine the server is running on? Does this cause a big security risk?

Hi

Set write permission for the user MACHINE\IUSER_MACHINE for that particular directory.

Bhaskardeep Khaund
 
any examples of how to do this? (I'm new to ASP.NET)
This can be done with a HttpHandler that dynamically creates a page that can expire, and/or only allow certain users to see the page. You can pretty much do whatever you want with the HttpHandler. That link can be sent to the HttpHandler page which would enforce the expiration rule.
So what would be another way of doing this? I know a lot of web sites create pages on the fly and email a link to this new page that expires in a given length of time.

Hi,

MACHINE refers to ur machine name. Yes, write permission can create a backdoor, b'coz anybody can upload an exe file and run it.

Bhaskardeep

Does MACHINE refer to the machine the server is running on? Does this cause a big security risk?

Hi

Set write permission for the user MACHINE\IUSER_MACHINE for that particular directory.

Bhaskardeep Khaund
 
Back
Top