IIS7 / Vista cannot server static content by default!
-
Can you believe this? :mad::mad: I don't know who is to blame, because for all Vista's faults, IIS7 actually looks like a decent server product. I have just spent, collectively, about one whole day trying to figure out why the web application, working 100% on my desktop, freshly checked out to my laptop, fell over using telerik controls. Eventually I concluded it wasn't serving images; then I further realised it wasn't serving text files; then I concluded it was only serving ASP.NET content; then, fortunately, a colleague recognised what was wrong, and directed me to turn on the Windows Feature: IIS->Common HTTP Features->Static Content. What kind of web server needs its admin to explicitly e=nable static content?
My head asplode!
Calling all South African developers! Your participation in this local dev community will be mutually beneficial, to you and us.
-
Can you believe this? :mad::mad: I don't know who is to blame, because for all Vista's faults, IIS7 actually looks like a decent server product. I have just spent, collectively, about one whole day trying to figure out why the web application, working 100% on my desktop, freshly checked out to my laptop, fell over using telerik controls. Eventually I concluded it wasn't serving images; then I further realised it wasn't serving text files; then I concluded it was only serving ASP.NET content; then, fortunately, a colleague recognised what was wrong, and directed me to turn on the Windows Feature: IIS->Common HTTP Features->Static Content. What kind of web server needs its admin to explicitly e=nable static content?
My head asplode!
Calling all South African developers! Your participation in this local dev community will be mutually beneficial, to you and us.
:wtf: you have got to be kidding me! UAC was a joke, but this is ridiculous! :wtf:
"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." - Rick Cook "There is no wealth like knowledge, no poverty like ignorance." Ali ibn Abi Talib "Animadvertistine, ubicumque stes, fumum recta in faciem ferri?"
-
Can you believe this? :mad::mad: I don't know who is to blame, because for all Vista's faults, IIS7 actually looks like a decent server product. I have just spent, collectively, about one whole day trying to figure out why the web application, working 100% on my desktop, freshly checked out to my laptop, fell over using telerik controls. Eventually I concluded it wasn't serving images; then I further realised it wasn't serving text files; then I concluded it was only serving ASP.NET content; then, fortunately, a colleague recognised what was wrong, and directed me to turn on the Windows Feature: IIS->Common HTTP Features->Static Content. What kind of web server needs its admin to explicitly e=nable static content?
My head asplode!
Calling all South African developers! Your participation in this local dev community will be mutually beneficial, to you and us.
Brady Kelly wrote:
What kind of web server needs its admin to explicitly e=nable static content?
The same one where the admin turned it off by default :)
xacc.ide
IronScheme a R5RS-compliant Scheme on the DLR
The rule of three: "The first time you notice something that might repeat, don't generalize it. The second time the situation occurs, develop in a similar fashion -- possibly even copy/paste -- but don't generalize yet. On the third time, look to generalize the approach." -
:wtf: you have got to be kidding me! UAC was a joke, but this is ridiculous! :wtf:
"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." - Rick Cook "There is no wealth like knowledge, no poverty like ignorance." Ali ibn Abi Talib "Animadvertistine, ubicumque stes, fumum recta in faciem ferri?"
Mustafa Ismail Mustafa wrote:
UAC was a joke
So whats your solution for the average user? Have them always run as administrator, amake them log in as a different account everytime they need to do something as administrator or just ask them if they want to elivate to administrator for this current operation?
-
Mustafa Ismail Mustafa wrote:
UAC was a joke
So whats your solution for the average user? Have them always run as administrator, amake them log in as a different account everytime they need to do something as administrator or just ask them if they want to elivate to administrator for this current operation?
I don't have an answer :sigh:
"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." - Rick Cook "There is no wealth like knowledge, no poverty like ignorance." Ali ibn Abi Talib "Animadvertistine, ubicumque stes, fumum recta in faciem ferri?"
-
Mustafa Ismail Mustafa wrote:
UAC was a joke
So whats your solution for the average user? Have them always run as administrator, amake them log in as a different account everytime they need to do something as administrator or just ask them if they want to elivate to administrator for this current operation?
Problem is, the average user often can't decide if he wants to allow the Caburculator (or an carbuculator-compatible interface) to enphase the SXU right now. As it is now, UAC is a blame shifter: "Your wife ran away? Well, did you allow it to enphase? The log shows you did. Bad luck, it is your fault." Problem is, the average user wants to be protected BUT also wants to be in full control. UAC can be a bit better with some tuning, but components and layers generally make it hard to tell what exactly is going on at a certain point of execution. In real life, the same problem is quite well solved by communities and social groups: Either they are isolated communities that eye every outsider suspicously (portuguese fisher village), or the place simply wolfs ou down on its own if you do not play by its rules (New York). Simple rules like "as gringo, do not walk the at night" are usually enough. I wonder if that can be translated to user security.
We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP
My first real C# project | Linkify!|FoldWithUs! | sighist -
I don't have an answer :sigh:
"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." - Rick Cook "There is no wealth like knowledge, no poverty like ignorance." Ali ibn Abi Talib "Animadvertistine, ubicumque stes, fumum recta in faciem ferri?"
Fair enough, I'll freely admit theres some places where it needs fixing, like when renaming and moving files, sometimes you have billions of things to click and its a pain, but for the majority of the time it's just the single dialog to ask permission for elevation of privileges and I've gotten used to that now.
-
Problem is, the average user often can't decide if he wants to allow the Caburculator (or an carbuculator-compatible interface) to enphase the SXU right now. As it is now, UAC is a blame shifter: "Your wife ran away? Well, did you allow it to enphase? The log shows you did. Bad luck, it is your fault." Problem is, the average user wants to be protected BUT also wants to be in full control. UAC can be a bit better with some tuning, but components and layers generally make it hard to tell what exactly is going on at a certain point of execution. In real life, the same problem is quite well solved by communities and social groups: Either they are isolated communities that eye every outsider suspicously (portuguese fisher village), or the place simply wolfs ou down on its own if you do not play by its rules (New York). Simple rules like "as gringo, do not walk the at night" are usually enough. I wonder if that can be translated to user security.
We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP
My first real C# project | Linkify!|FoldWithUs! | sighistIt's another "damned if you do, damned if you don't" situation. If MS hadn't implemented it they would have been criticised for being complacent, if they had completely redesigned everything they would have lost backward compatibility and probably lose the majority of their big clients and I can't think of any other solution than to put something in to ask the user if the want to elevate or not. Another answer is to have a sys admin hehe ... but I doubt home users really want to pay someone to do that for them. And maybe shifting the blame isn't such a bad move ;) alot of the security problems that software has is at the hands of stupid end users lol ... and windows has a very large majority of the stupid users ;)
-
Can you believe this? :mad::mad: I don't know who is to blame, because for all Vista's faults, IIS7 actually looks like a decent server product. I have just spent, collectively, about one whole day trying to figure out why the web application, working 100% on my desktop, freshly checked out to my laptop, fell over using telerik controls. Eventually I concluded it wasn't serving images; then I further realised it wasn't serving text files; then I concluded it was only serving ASP.NET content; then, fortunately, a colleague recognised what was wrong, and directed me to turn on the Windows Feature: IIS->Common HTTP Features->Static Content. What kind of web server needs its admin to explicitly e=nable static content?
My head asplode!
Calling all South African developers! Your participation in this local dev community will be mutually beneficial, to you and us.
-
Brady Kelly wrote:
What kind of web server needs its admin to explicitly e=nable static content?
One that's part of a desktop product, not a server. A better question is why is ASP.NET content enabled by default.
The main reason for a desktop configuration of IIS7 would, by implication, be development, and as a developer I would expect ASP.NET content enabled by default.
-
Can you believe this? :mad::mad: I don't know who is to blame, because for all Vista's faults, IIS7 actually looks like a decent server product. I have just spent, collectively, about one whole day trying to figure out why the web application, working 100% on my desktop, freshly checked out to my laptop, fell over using telerik controls. Eventually I concluded it wasn't serving images; then I further realised it wasn't serving text files; then I concluded it was only serving ASP.NET content; then, fortunately, a colleague recognised what was wrong, and directed me to turn on the Windows Feature: IIS->Common HTTP Features->Static Content. What kind of web server needs its admin to explicitly e=nable static content?
My head asplode!
Calling all South African developers! Your participation in this local dev community will be mutually beneficial, to you and us.
It's part of the IIS lockdown. The thinking is that you only enable stuff you're actually using, thus a flaw in some component won't affect people that haven't explicitly enabled that feature. These were the lessons learned from Code Red and Nimda.
-- Where are we going? And why am I in this handbasket?