When creating a new ASP.NET application in Visual Studio, a couple of files and folders are created automatically. One of those folders is called
Also when publishing a website by selecting the menu option
Build->Publish a checkbox is available
Include files from the App_Data folder.
Am I right assuming that the files put in this file and its sub-folders are not going to be accessible through the web? For example, would it be safe to put in that folder resources that I only intend to be used by the application code?
What is the real intended use of the
Thank you for all the answers. From the answers received so far I am interested mostly in two points mentioned:
- App_Data is essentially a storage point for file-based data store
- It should not be viewable by the web and is a place for the web app to store and read data from
Would someone be able specify how the "not viewable by the web" is ensured?
Can I rely on that fact when performing standard deployment, or do I need to check some IIS settings on the server as well.
In the situation when I have a set of pdf files that I want to be accessible only from the application. Would App_Data folder be the right place to use, or should I create a separate folder and manually set IIS to ensure that it is not accessible by Web?