Why does IIS need to be told that my folder is an application folder?

What if I happen to have a folder with .aspx pages but I don't want them to
be accessed? I don't want IIS just making any folder an application just
because it happens to have a certain file type in there! This could be a
major security issue if IIS just starts assuming this.

Not to mention, it would mean it has to constantly monitor every folder to
see if it now happens to have some .aspx files in there so it can start
treating it as an application. And it would have to monitor for many other
file types too that could be part of a web application (.htm, .html, .asp,
etc).

"darrel" <no*****@nowhere.com> wrote in message
news:uk**************@TK2MSFTNGP11.phx.gbl...

To deploy a .net web application, one needs to go into IIS and make sure
the folder that contains the application is set to be an application
folder.

Can anyone explain why we need to do this? Why can't IIS just assume that
if there are aspx pages, then it's a .net application?

-Darrel

> What if I happen to have a folder with .aspx pages but I don't want them

to be accessed?
Why would you upload aspx pages to a web server that you don't want
accessed? ;o)
I don't want IIS just making any folder an application just because it
happens to have a certain file type in there! This could be a major
security issue if IIS just starts assuming this.
I suppose it adds a layer of security.
Not to mention, it would mean it has to constantly monitor every folder to
see if it now happens to have some .aspx files in there so it can start
treating it as an application.

That wouldn't be a big deal. That's how ASP worked.

-Darrel

Maybe it is not only a web server but has other functionality. Maybe I want
to store some data up there - who knows why?

Are you saying that if you had a .asp file anywhere, the folder it is in
would suddenly become a web application?

Is it really hard to mark a folder as a web application? It takes 2 seconds.
It's not like you are creating hundreds of new applications a day. I'm not
sure if that's really worth complaining about...

"darrel" <no*****@nowhere.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...

What if I happen to have a folder with .aspx pages but I don't want them
to be accessed?

Why would you upload aspx pages to a web server that you don't want
accessed? ;o)

I don't want IIS just making any folder an application just because it
happens to have a certain file type in there! This could be a major
security issue if IIS just starts assuming this.

I suppose it adds a layer of security.

Not to mention, it would mean it has to constantly monitor every folder
to see if it now happens to have some .aspx files in there so it can
start treating it as an application.

That wouldn't be a big deal. That's how ASP worked.

-Darrel

Are you saying that if you had a .asp file anywhere, the folder it is in
would suddenly become a web application?
I'm saying IIS would go 'oh, it's an ASP file...I should execute that for
you' without me having to explicitely tell it to execute ASP files in a
particular directory.
Is it really hard to mark a folder as a web application? It takes 2
seconds.
No, it takes about 15 mintues. (We're not anywhere near the server room and
don't have remote access at this time).
It's not like you are creating hundreds of new applications a day. I'm not
sure if that's really worth complaining about...

It's worth complaining about if there isn't a reason for it. If there's a
reason, then that's what I'm looking for. I haven't heard an explanation for
why we have to explicitly tell IIS that a folder with aspx files should be
executed...as why else would I be using aspx files?

-Darrel