tags:

views:

53

answers:

3
+1  Q: 

Uploading issues with an asp.net website

I have created my first website using asp.net 3.5 . I have used App_Code for managing my source code files.

Now, after completion:

  1. List item
  2. What needs to be uploaded to the server ?
  3. Do uploading all file including webforms files, source code files make any sense ?
  4. Please provide your own suggestions apart from these.
A: 

If you are using the App_Code folder, it sounds like you are using a web site project type. In this case, the easiest thing to do is just xCopy all of the files up to the webserver. IIS will then do Just In Time compilation (JIT) the first time a page is hit, and will compile your code on the fly.

rgds,

Paul

Paul  2009-10-23 08:02:42
+2  A: 

You should look in to one of these several very good tutorials and articles about deploying ASP.NET applications.

Now to your thoughts on what should be uploaded and what not. If you understand the asp.net cycle and how the files are processed by the webserver, it would be easy to know that all files need to be uploaded. But since this is your first application you probably don't have that knowledge.

So, to save you some reading time, Upload everything. In older versions such as 1.1 you had to compile all your source-code into binaries, which you don't have to anymore, but you can, it's up to you.

I However prefere to upload all the files without compiling it to binaries, makes it easier to manage once they are on the server.

The webserver will upon request ( first request ) compile these and then use the compiled files on other requests, this is the short answer anyway, this is why the load-time is longer the first time and the other times it's ( suppose to ) go faster.

Also, worht to know is that if you change the web.config, the application will re-compile.

So just drag n' drop em' to your webb-location and start playing!

Filip Ekberg  2009-10-23 08:04:29
I don't think its a good idea to put source files on a web server like that - not when you don't have to.
d4nt  2009-10-23 08:20:10
It's a good idea for a beginner to understand more than one way. My answer clearly states that you CAN do it and that it was Mandatory in older versions of .net. But I disslike it when it's just me playing around with the files anyway.
Filip Ekberg  2009-10-23 08:23:28
I understand the concept of uploading all files. But what if, I dont want to upload source files.
pokrate  2009-10-30 15:48:52
A: 

  1. All content files (i.e. aspx, ascx, asmx, asax, js, css, htm, jpg, gif, png) and DLLs need to be deployed to the server. I recommend using the Visual Studio "Publish XXX" option on the Build menu to do this for you. It can deploy to a folder (which you can then copy to somewhere else if you like), an FTP site or to IIS.

  2. Uploading your .cs or .vb files is not necessary. It will still work if you do but it's probably safer not to. There's a remote possibility that IIS will have a vulnerability or a sysadmin will make a mistake and your source code will end up being served to the public.

  3. You could copy files using XCOPY, you could use the Visual Studio Publish option or you could do File -> New Web Setup Project and build an MSI to do it. This article and This article have more details on these options.

d4nt  2009-10-23 08:07:43
Why would uploading .cs and .vb-files be a security issue?
Filip Ekberg  2009-10-23 08:24:00
I think because you are releasing your source code to an untrusted network. If your web server is compromised, so is your source code...
Paul  2009-10-23 09:43:55
Also, if IIS was configured carelessly it may serve up your source files. That would then show where you're not properly escaping user generated input and leave you open to SQL Injection or XSS attacks. In theory no sysadmin would be stupid enough to let this happen, but it does happen. So I wouldn't recommend to people that they upload their source files.
d4nt  2009-10-23 11:04:53
And if your were to invite people over for dinner and the computer is on, they can upload the files to the internet! Seriously, we don't live in russia. And people should just learn to configure it correctly or just leave it to those who can. And if you are as dumb as letting IIS serve your source-files, maybe you should look into another profession. Also if you are so paranoid maybe your shouldn't code .NET, noone is safe.
Filip Ekberg  2009-10-23 17:01:34
OMG you leave you computer ON when people come over for dinner! ;)
d4nt  2009-10-23 20:26:11

related questions

Entity diagrams in ASP.NET MVC
Aging Data Structure in C#
.NET 3.5 Service Pack 1 causes 404 pages on ASP.NET Web App
How do I make a custom .net client profile installer?
.NET 3.5 SP1 and aspnet_client Crystal Reports
Can I create a ListView with dynamic GroupItemCount?
N2 CMS
Conditional Linq Queries
LINQ query on a DataTable
Asynchronous Remoting calls
Using EF Entity as DTO Object
WPF: How to style or disable the default ContextMenu of a TextBox
C# 2.0 code consuming assemblies compiled with C# 3.0
Using C#/WIA version 2.0 on Vista to Scan
Has anyone run performance benchmarks comparing LINQ
Beginners Guide to LINQ
Extension interface patterns
C# 3.0 Where extension method with lambda vs LINQtoObjects to filter in memory collections.
Upgrade to ASP.NET 3.x
Where can I get the Windows Workflow "wca.exe" application?
LINQ on the .NET 2.0 Runtime
Is nAnt still supported and suitable for .net 3.5/VS2008?
How do you page a collection with LINQ?
How do I get a distinct, ordered list of names from a DataTable using Linq
How do I fill a DataSet or a DataTable from a LINQ query resultset ?