In my web site which is basically a monitor application I have to keep a configuration file which contains some web servers name, names of web sites hosted on each web server, url and port numbers etc.
Can anyone please explain me what are the benefits of treating this configuration file as custom configuration file of my web application and reading it u开发者_如何学编程sing "ConfigurationSection" or "IConfigurationSectionHandler" rather than treating it as a normal xml file and reading it using 'XMLDocument' or 'XMLTextReader' or 'XLINQ' etc? This will save me from creating an entry in in the web.config file as well this custom configuration file.
I have spent good amount of time on the internet looking for this answer but could not find any satisfactory answer.
Please help..
There are at least two reasons:
- The web.config is designed to hold the configuration for your website; therefore, anyone maintaining the site in the future will know to look there for settings that pertain to the site.
- Using the *.config for any application allows you to use the
ConfigurationManagerclass (in theSystem.Configurationassembly) to read from / write to the file, which is simpler than writing your own xml (as it is designed specifically for the purpose of persisting configuration information).
From a security perspective, if you put your XML file on your site and I can guess/discover the filename, I can get the file and I now know all your sites, what servers they are on, and a set of ports on the server that are open that I might be able to use to attack and take control of the servers.
By contrast, ASP.NET will not (by default) serve up a .config file to a browser request, making it harder for me to discover all that information.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论