IIS cannot access a Folder where name ends with ".com"
Tanveer Siddiqui
PROBLEM SCENARIO :::
----------------------------------------
Assume MY WEB IS IN THE FOLLOWING DIRECTORY :
C:\INETPUB\WWWROOT.
IN THIS DIRECTORY I CREATE A DIRECTORY WITH THE NAME :
TEST.COM
AND THEN I ACCESS THIS DIRECTORY FROM THE BROWSER :
HTTP://MYWEB/TEST.COM
IIS THROWS AN ERROR AND DOES NOT ALLOW ME TO ACCESS THIS
DIRECTORY.
We also learned that it is only sensitive to ".com" so if
we change the extention from .com to anything else, such
as .exe or .dll then it works absolutely fine. IIS is
then able to access that directory.
I have also tried to URL-ENCODE THE DOT and then call the
URL. But even that did not work.
IIS is sensitive to the extention ".com"
Do you know how we can access this directory ??
According to one article I read on Microsoft Support
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
"When a virtual directory name ends with an executable
extension (such as .com, .exe, .dll, or .sh), the files
in this virtual directory cannot be viewed with a Web
browser. "
My Feedback on the same :::::
You may find it strange that other extentions such as
exe, dll, sh still work with IIS. It does not give any
problems. It should have according to what they have said.
It just does'nt like .com.
http://support.microsoft.com/default.aspx?scid=kb;en-
us;275601
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Regards,
Tanveer Siddiqui.
Tom Kaminski [MVP]
news:28fa01c3a74d$60287390$3101...@phx.gbl...
I think the MSKB is pretty clear on what the answer to your question is ...
--
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserver2003/community/centers/iis/
Jeff Cochran
<tsid...@spryance.com> wrote:
>PROBLEM SCENARIO :::
>----------------------------------------
>Assume MY WEB IS IN THE FOLLOWING DIRECTORY :
>C:\INETPUB\WWWROOT.
>
>IN THIS DIRECTORY I CREATE A DIRECTORY WITH THE NAME :
>TEST.COM
>
>AND THEN I ACCESS THIS DIRECTORY FROM THE BROWSER :
>HTTP://MYWEB/TEST.COM
>
>IIS THROWS AN ERROR AND DOES NOT ALLOW ME TO ACCESS THIS
>DIRECTORY.
Seems to have broken your CAPS LOCK as well...
>We also learned that it is only sensitive to ".com" so if
>we change the extention from .com to anything else, such
>as .exe or .dll then it works absolutely fine. IIS is
>then able to access that directory.
Yup.
>I have also tried to URL-ENCODE THE DOT and then call the
>URL. But even that did not work.
>
>IIS is sensitive to the extention ".com"
Yup.
>Do you know how we can access this directory ??
You already found out how. Don't use an executable extension as the
name of a folder.
>According to one article I read on Microsoft Support
>+++++++++++++++++++++++++++++++++++++++++++++++++++++++
>"When a virtual directory name ends with an executable
>extension (such as .com, .exe, .dll, or .sh), the files
>in this virtual directory cannot be viewed with a Web
>browser. "
>My Feedback on the same :::::
>You may find it strange that other extentions such as
>exe, dll, sh still work with IIS. It does not give any
>problems. It should have according to what they have said.
>It just does'nt like .com.
>http://support.microsoft.com/default.aspx?scid=kb;en-
>us;275601
>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Okay, don't believe them. Don't believe me either. But if you
actually want it to work, stop using extensions in folder names. It's
a bad idea on several levels.
Jeff
David Wang [Msft]
.isa), thus you cannot use them as a non-executable (like a folder name).
Whether you are able to access the directory completely depends on the
Excute Permissions allowed in the parent directory. If the parent directory
does not have "Scripts and Executables", then the directory can be accessed
for reading, but not for scripts nor executables (so, no, you can't have
.asp or .dll inside of a directory with a .com in it).
Url-Encoding the dot cannot work because if it did, IIS would have had a
huge security problem based on canonicalization.
--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Tanveer Siddiqui" <tsid...@spryance.com> wrote in message
news:28fa01c3a74d$60287390$3101...@phx.gbl...
Jerry III
there are programs that were coded by people who were really short sighted?
Try forcing those simple file names to Russian, Chinese or Japanese users.
There's a reason why NTFS was created with Unicode file names. And just
because there are programmers too lazy to correctly work with file names
shouldn't be a reason to limit them. It's the same like too many programs
just assume your system is on the C: drive. According to your logic
Microsoft should not even allow the system to be installed anywhere else
than the first partition. And don't even think about moving your files
anywhere else than C:\My Documents.
Jerry
"Leythos" <vo...@nowhere.com> wrote in message
news:MPG.1a197916c...@news-server.columbus.rr.com...
> In article <28fa01c3a74d$60287390$3101...@phx.gbl>,
> tsid...@spryance.com says...
> > Hello,
> >
> > PROBLEM SCENARIO :::
> > ----------------------------------------
> > Assume MY WEB IS IN THE FOLLOWING DIRECTORY :
> > C:\INETPUB\WWWROOT.
> >
> > IN THIS DIRECTORY I CREATE A DIRECTORY WITH THE NAME :
> > TEST.COM
>
> Folder and File names should only contain characters A to Z and numbers
> 0 to 9. If you put any spaces, periods, etc.. or mess with extensions
> you are just asking for problems.
>
> Yes, the OS will let you create these bad file names (and folders), but
> a lot of apps will not work with them.
>
> FOLDERS should not have extensions.
>
> --
> --
> spamf...@rrohio.com
> (Remove 999 to reply to me)
Tanveer Siddiqui
Hello,
Thanx for replying to my problem. Well i do not wish to execute an asp
page or dll from the folder whose name ends in ".com". i just wish to
allow the user to view the zip files in that directory ( by giving
directory browsing allowed ) and then he should be able to download the
file using http.
I am too late to change the folder name and use a different folder name.
It would involve changes in a lot of asp pages, and these pages were
written very long ago.
Can u suggest me some work around. ???
Regards.
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
David Wang [Msft]
configuration properly.
In the parent directory, make sure it is "Execute Permissions: None".
Enable "Directory Browsing", "Read", and MIME Type at the appropriate level
to allow browsing/downloading.
I set up:
C:\inetpub\wwwroot\test.com directory
C:\inetpub\wwwroot\test.com\file.zip
I configured the Default website to point at C:\inetpub\webroot and set it
to have Read permission and "Execute Permissions: None", as well as
"Directory Browsing" enabled.
When I access /test.com from the URL, I see a dir listing of file.zip , and
I can click on the link to download it.
You need to make sure to set up "Directory Browsing" appropriately on your
website, and you also CANNOT have any Execute Permissions enabled when a URL
contains one of the pre-defined executable extensions I listed earlier or
else you will get 403.
What this means is if you had:
C:\inetpub\wwwroot\test.com\default.asp
and you enabled "Execute Permissions: Script" anywhere to allow default.asp
to be processed, all access to /test.com/default.asp (or /test.com/ if
default.asp is a default document) will fail, and it's by design. You said
this isn't what you need, so it shouldn't be a problem.
--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Tanveer Siddiqui" <tsid...@spryance.com> wrote in message
news:O40qcSC...@TK2MSFTNGP12.phx.gbl...