Shulou(Shulou.com)06/03 Report--

This article mainly explains "the operating mechanism of .net and the way to configure each node", interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Now let the editor to take you to learn the operating mechanism of. Net and how to configure each node.

.net provides the configuration for the current machine. -name: machine.config

How it works: when the asp.net website IIS starts, it loads the configuration information in the configuration file and caches it, so that you don't have to read the configuration information every time. The asp.net application monitors changes to the configuration file while it is running, and once the configuration information is edited, it is re-read and cached.

Profile node:

It is important to understand that a web.config file is a XML file

The name of the root node to which it belongs:

The copy code is as follows:

Child nodes:

Special:-used to specify IIS 7.0settings for Web applications, only for IIS 7.0integration mode, not for classic mode, if the application is running in classic mode, the Web.config file's

Node analysis:

1. Node

Mainly used to configure the database connection, you can add any node in the node to save the database connection string and then dynamically obtain the value of the node by code to instantiate the database connection object.

For example:

The copy code is as follows:

You can configure connections to multiple databases

In the code, traditional Chinese medicine reads the database connection object:

The copy code is as follows:

/ / read web.config node configuration

String connectionString = ConfigurationManager.ConnectionStrings ["AspNetStudyConnectionString1"] .ConnectionString

/ / instantiate SqlConnection object

SqlConnection connection = new SqlConnection (connectionString)

You can see the benefits: once the database used for development and deployment is inconsistent, you only need to use a text editing tool such as notepad to edit the value of the connectionString property.

two。 Node

Function: to store some configuration information of asp.net applications, such as the save path of uploaded files, etc.

For example, you can configure the image type:

The copy code is as follows:

-

Read the values in the node:

String FileType= ConfigurationManage.AppSettings ["FileType"];-is actually a value in the form of a key-value pair

3. Node:

Child node:

3.1. Node

Purpose: the node configures all the compilation settings used by ASP.NET. The default debug property is "true", which allows debugging, which affects the performance of the website, so it should be set to "false" after the program has been compiled and delivered.

For example:

The copy code is as follows:

3.2. Node

Function: control users' access to websites, directories, or individual pages

Set the asp.net authentication mode. There are four authentication modes, and their values are as follows:

Mode description

Windows uses Windows authentication, which is suitable for domain users or LAN users.

Forms uses form authentication and relies on site developers for authentication.

Passport uses authentication services provided by Microsoft for authentication.

None does not perform any authentication.

For example:

3.2. Node

The node is used to define some custom error messages. This node has two attributes, Mode and defaultRedirect, where the defaultRedirect attribute is an optional attribute that represents the default URL redirected to when an error occurs in the application program, or displays a general error if it is not specified. The Mode property is a required attribute that has three possible values, which represent the following meanings:

Mode description

On indicates that both local and remote users will see custom error messages.

Off disables custom error messages, and both local and remote users will see detailed error messages.

RemoteOnly indicates that local users will see detailed error messages, while remote users will see custom error messages.

It is necessary to explain the concepts of local and remote users. When the machine we use to access the asp.net application and the machine used to publish the asp.net application are the same machine, we become local users, and vice versa, we call them remote users. In order to find errors in the development and debugging phase, it is recommended to set the Mode property to Off, while in the deployment phase, the Mode property should be set to On or RemoteOnly, so as to prevent these detailed error messages from exposing the details of the program code and causing hackers to invade.

Example:

The copy code is as follows:

3.3 Child nod

There is also a child node under the node, which is mainly redirected to our custom error page according to the server's HTTP error status code. Note that for the configuration under the child node to take effect, the node's Mode attribute must be set to "On". Here is an example:

The copy code is as follows:

-- if the user does not have permission to access the requested page, it will jump to the 403.htm page

-- if the page visited by the user does not exist, it will jump to the 404.htm page.

Both 403.htm and 404.htm pages are added by ourselves.

3.4 nod

Function: it is used to deliver the user's request to the corresponding handler according to the URL and HTTP predicates of the user's request. The result is that the user cannot view or download the relevant files.

If we do not allow users to download files or certain types of files under one of our folders, we can add the corresponding child nodes to the node.

Example: create an IPData directory in our asp.net application, create an IPData.txt file in the IPData directory, and add the following configuration to Web.config

The copy code is as follows:

-the purpose of the code is to disable access to any txt files in the IPData directory

-for * .mdf, * .ldf files, Get or Post requests will be handed over to System.Web.HttpForbiddenHandler for processing, and users cannot view or download related files

3.5. Node

Used to set up the ASP.NET HTTP runtime. This section can be declared at the computer, site, application, and subdirectory levels.

For example, the following configuration controls that the maximum number of files a user can upload is 40m (40mm 1024K), the maximum timeout is 60 seconds, and the maximum number of concurrent requests is 100.

3. 6. Node

Used to indicate settings for a specific page, there are three main properties

Attribute name description

Whether buffer has HTTP response buffering enabled.

Whether enableViewStateMac should run computer Authentication check (MAC) on the view state of the page to place user tampering, defaults to false, and if set to true will cause performance degradation.

ValidateRequest verifies whether there are cross-site scripting attacks and SQL injection vulnerabilities in user input. The default is true. If a match occurs, a HttpRequestValidationException exception will be issued. Pages containing online text editors generally validate user input by themselves and set this property to false.

Here is an example of configuring a node:

3.7 nod

The node is used to configure the session state configuration of the current asp.net application. Here is a common configuration:

The above node configuration is set to enable Cookie in the asp.net application, and specifies that the session state mode is to save session state in the process, as well as a session timeout of 30 minutes.

The Mode attribute of a node can be one of the following values:

Attribute value description

Custom uses custom data to store session state data.

InProc default value. Session state data is stored by the asp.net worker process.

Off disables session state.

SQLServer uses an out-of-process SQLServer database to hold session state data.

StateServer uses the out-of-process ASP.NET state service to store state information.

Generally, InProc mode is used to store session state data by default. The advantage of this mode is that the access speed is fast, but the disadvantage is that it takes up memory, so it is not suitable to store large-scale user session data in this mode.

four

--

Purpose: when the request URL does not contain a specific file for the Web application, IIS 7.0 will provide a default file.

Within the system.webServer element, create a defaultDocument element.

Within the defaultDocument element, create a files element.

Create an add element within the files element and specify the path and name of the default file in the value attribute.

The copy code is as follows:

-configure the default file to provide the Products.aspx file as the default file

At this point, I believe you have a deeper understanding of the operating mechanism of. Net and the method of configuring each node, so you might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.