When creating a new ASP.NET application in Visual Studio, a couple of files and folders are created automatically. One of those folders is called App_Data
.
Also when publishing a website by selecting the menu option Build->Publish
a checkbox is available Include files from the App_Data folder
.
Am I right assuming that the files put in this file and its sub-folders are not going to be accessible through the web? For example, would it be safe to put in that folder resources that I only intend to be used by the application code?
What is the real intended use of the App_Data
folder?
EDIT:
Thank you for all the answers. From the answers received so far I am interested mostly in two points mentioned:
- App_Data is essentially a storage point for file-based data store
- It should not be viewable by the web and is a place for the web app to store and read data from
Would someone be able specify how the "not viewable by the web" is ensured?
Can I rely on that fact when performing standard deployment, or do I need to check some IIS settings on the server as well.
In the situation when I have a set of pdf files that I want to be accessible only from the application. Would App_Data folder be the right place to use, or should I create a separate folder and manually set IIS to ensure that it is not accessible by Web?
Question&Answers:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…