ASP.Net – Frequently Asked Questions
What is the Data Directory?
There are times when sensitive information, such as database connection strings, may need to be available for a web site to use, but that you would never want a visitor to see under any circumstances. Alternatively, there may be a need to upload files but the Web Services Writable File and Directory Standard forbids writing files to the web root. In both these cases, the DATA directory is a safe location that is not addressable by a web browser, but is still available to the web site’s code to use.
How would I make use of it?
Without going into specific coding examples, a high level view of how you might make use of the DATA directory in your ASP.Net (or classic ASP) code would be:
- Start with the document root of your web site. This should result in a path like:
- D:\web\root\www.purdue.edu\itap\webservices
- Replace the “web\root” part of the path with “web\data” (the rest should stay the same). This gives you your “data” root and should result in a path like:
- D:\web\data\www.purdue.edu\itap\webservices
- Open and read (or write) files relative to this path.
- Use the data read.
- Close the file.
For the clustered environment tiers qa and production, files are replicated between the servers by Microsoft Distributed File Services Replication. Please note that while it does a reasonably good job if multiple servers write to the same file without overlapping in time, it cannot handle overlapping writes (such as you might get from a log file). It is your responsibility to guard against this in some fashion. However, for multiple readers, there are no problems.
It is not possible to create a URL or reference that would allow you to have a visitor directly access one of these files. That is kind of the point. Instead, if you need to have a visitor be able to see a file in the DATA directory, your code must open the file, read its contents, and send it to the visitor’s browser with appropriate headers that the browser can interpret the data correctly. We hope to have an example of such code online in the future.
Can my application write to my site’s HTML directory?
No. Writing to a site’s HTML directory is a surefire way to get a site compromised or defaced. Please refer to our Writable Files and Directories standard.
Can my application write to my site’s DATA directory?
Yes, with caution. Files written to the site’s DATA directory are replicated to the other server(s) in the cluster (where multiple servers exist) but this replication is not foolproof in the face of multiple writers to the same file. See the question How does my Data directory stay in sync between the two servers? for more information. Additionally, files written to your site’s DATA directory cannot be served directly to a visitor. They instead must be read by your site’s application code and delivered to the visitor with appropriate headers so that the recipient knows what to do with it.
How does my DATA directory stay in sync between the two servers?
At the QA and Production tiers, there are two servers in a cluster. Using Microsoft’s Distributed File System Replication (DFSR), the two systems cooperatively replicate changes between each other. However, this replication is at the file level, and not at the change or “byte” level. So if the two machines should write to the same file at nearly the same time (such as might happen with a log file on a busy web site), it is possible that some of the changes might get lost. Keep this in mind when planning to write files in the DATA directory.
Is ASP.Net Core available?
At this time, no. ASP.Net Core is not a simple upward compatible replacement for ASP.Net. It requires a different way of thinking about the web server interface and how the system should be supported. We are looking into how this can best be supported.