Securing a HTTP PUT handler in IIS

+ Reply to Thread

+ Ask a Question

Ask a Question related to ASP.NET Security, Design and Development.

Thread Tools
Display
- Linear Mode
- Switch to Hybrid Mode
- Switch to Threaded Mode

Chris Hughes #1

Securing a HTTP PUT handler in IIS

Can someone please advise whether it is possible for a HTTP handler
(IHttpHandler) to consume HTTP PUTs without having to set both write
and execute permission on the IIS virtual dir?

I have an environment with files being uploaded to an IIS server via
HTTP PUT. I have implemented a HTTP handler to consume the PUTs, to
avoid disk I/O on the server, but this only works when both write and
execute permission are granted on the IIS virtual dir. This raises
serious security concerns.

I suspect that the problem lies in the use of PUT instead of POST.
Unfortunately, the choice of protocol is part of a legacy codebase,
that I am unable to change.

Please let me know if it is possible do this and, if so, what I am
doing wrong.

Many thanks,
Chris Hughes

Chris Hughes Guest

Reply With Quote

Similar Questions and Discussions

Send Basic HTTP authentication credential in the first HTTP request

Hello, How can I make the web service proxy class send basic authentication information in the HTTP header of the first request? My...
#19113 [Com]: HTTP status 200 returned on HTTP CONNECT when mod_proxy not in use

ID: 19113 Comment by: arafuse at bcexplorers dot com Reported By: php_new at jdc dot parodius dot com Status: ...
Use standard ASPX page as a HTTP handler

Hi I would like to use an existing ASPX page as a HTTP handler so that I can do something like this.... <system.web> <httpHandlers> <add...
DataGrid's UpdateCommand event handler and CancelCommand handler problem

I am having the same problem: the wrong event handler is being fired when column headings and page changes are clicked. I am using the datagrid...
Fast signal handler switching & thread-specific handler.

jek_bask@ngs.ru (Evgeny Baskakov) writes: This is quite likely to crash on at least some pthread implementations (especially if sigaltstack was...

+ Reply to Thread

+ Ask a Question

The Facebook Platform

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

All times are GMT. The time now is 08:36 AM.

Powered by vBulletin™ Version 4.0.5
Copyright © 2012 vBulletin Solutions, Inc. All rights reserved.

Copyright © 2006 - 2010, JustSkins.com

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139