.net – the App_Data folder used for in Visual Studio

.netapp-dataasp.netsecurityvisual-studio

When creating a new ASP.NET application in Visual Studio, a couple of files and folders are created automatically. One of those folders is called App_Data.

Also when publishing a website by selecting the menu option Build->Publish a checkbox is available Include files from the App_Data folder.

Am I right assuming that the files put in this file and its sub-folders are not going to be accessible through the web? For example, would it be safe to put in that folder resources that I only intend to be used by the application code?

What is the real intended use of the App_Data folder?

EDIT:

Thank you for all the answers. From the answers received so far I am interested mostly in two points mentioned:

  1. App_Data is essentially a storage point for file-based data store
  2. It should not be viewable by the web and is a place for the web app to store and read data from

Would someone be able specify how the "not viewable by the web" is ensured?
Can I rely on that fact when performing standard deployment, or do I need to check some IIS settings on the server as well.

In the situation when I have a set of pdf files that I want to be accessible only from the application. Would App_Data folder be the right place to use, or should I create a separate folder and manually set IIS to ensure that it is not accessible by Web?

Best Solution

App_Data is essentially a storage point for file-based data stores (as opposed to a SQL server database store for example). Some simple sites make use of it for content stored as XML for example, typically where hosting charges for a DB are expensive.