Right, you can only access files ending in the four "allowed" extensions. These extensions are: .asp, .inc, .htm, and .html. -HD On Wednesday 17 April 2002 07:25 am, Randy Hinders wrote: > While checking various files and extensions I wanted to ensure that other > files were still "protected" from this. I was not able to read the > global.asa but was able to read (as expected) other asp pages.. > > http://localhost//iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/% >c0%ae%c0%ae/global.asa Returned "View Active Server Page Source-- Access > Denied" to the browser. > > http://localhost//iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/% >c0%ae%c0%ae/iisstart.asp Returned the source code to the browser.
This archive was generated by hypermail 2b30 : Wed Apr 17 2002 - 16:04:32 PDT