Re: WebAppication project doesn't like separate codefiles

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

re:
!> App_Code is no less secure than the bin directory

I'll take a strong exception to that...

re:
!> I don't put any of my code there myself

Why ?

re:
!> So far I have found the code that starts off in App_Code
!> migrates to the bin once it has been established.

Sure, it does, but your source code also stays in App_Code
where any two-bit programmer in your organization can see it.

I prefer to not upload source code...and obfuscate my assemblies.
Ymmv...




Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
======================================
"Anthony Jones" <Ant@xxxxxxxxxxxxxxxx> wrote in message news:eRkqNZn9IHA.3544@xxxxxxxxxxxxxxxxxxxxxxx
"Juan T. Llibre" <nomailreplies@xxxxxxxxxxx> wrote in message
news:O%238CC$K9IHA.4088@xxxxxxxxxxxxxxxxxxxxxxx
re:
!> i was just curious about this App_Code thing but as you can imagine,
!> I'm not impressed at all by that functionality..

Quite frankly, I'm not too impressed with it, either, primarily from a
security viewpoint.
Uploading raw code to a server isn't a very secure approach to
programming.

Also, there's no problems like the one you're encountering.

re:
!> I can only use my product-class when using it in inline script in the
aspx-file,
!> so why come up then with the idea of code-behind in the first place?

I've evolved a personal preference which skirts the issues :

I compile assemblies with my helper classes ( my DAL layer ) from the
command-line,
and place the resulting assembly in the /bin directory.

It's quite easy then to import my namespace with

<%@ Import Namespace="DataObjects" %>

...and instantiating the SQLDATA class is uncomplicated with :

Dim RS as New SQLDATA()

It works 100% of the time with no fuss.

I'd recommend ( depending on your time availability )
you dump what you're doing now...and create your own Data Access Layer
(DAL).

Here's two pages with sample code which will help you get that done
quickly :

http://msdn.microsoft.com/en-us/library/aa581778.aspx

http://weblogs.asp.net/scottgu/archive/2006/01/15/435498.aspx



Can't say I've ever seen these problems myself. App_Code has always worked
IMO experience and thats across quite a number of clients. Unless you are
being really fussy with strong names etc being App_Code is no less secure
than the bin directory. I don't put any of my code there myself but
customers use it. Its easy and 'fudgeable' (there is no need to build dlls
to make a minor tweak).

So far I have found the code that starts off in App_Code migrates to the bin
once it has been established.

--
Anthony Jones - MVP ASP/ASP.NET




.

Relevant Pages

  • Re: WebAppication project doesnt like separate codefiles
    ... ...and instantiating the SQLDATA class is uncomplicated with: ... I'd recommend (depending on your time availability) ... you dump what you're doing now...and create your own Data Access Layer ... than the bin directory. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Parser Error - Could not load type
    ... Hey Dan: ... You probably do not want the secure subdirectory to be an application. ... .NET will assume it has it's own bin directory and is looking for a ... >the namespace "MyApp.secure", but when I try to load this page im getting... ...
    (microsoft.public.dotnet.framework.aspnet)
  • How secure is the Bin directory in my ASP.NET app?
    ... I house my backend application DLL's in my web app's Bin directory -- how ... secure are these DLL's in that directory? ... Thanks, Rob. ...
    (microsoft.public.dotnet.framework.aspnet.security)