Question

I m using ASP.Net and forms authentication. When a user is directed to the Login Page I get a JavaScript error:

Message: Syntax error Line: 3 Char: 1 Code: 0 URI: http://localhost:49791/login.aspx?ReturnUrl=%2fWebImageButton.js

This is because I am using a Custom Image Button in a separate Web Control Project control that adds a ScriptReference to the page:

public class WebImageButton : LinkButton, IScriptControl, IButtonControl
{
    protected override void OnPreRender(EventArgs e)
    {

        // Link the script up with the script manager
        ScriptManager scriptManager = ScriptManager.GetCurrent(this.Page);
        if (scriptManager != null)
        {
            scriptManager.RegisterScriptControl(this);
            scriptManager.Scripts.Add(new ScriptReference("<snip>.WebImageButton.js", "<snip>"));
        }

        base.OnPreRender(e);

    }
}

If I add the following rule into my Web.Config, then the file is successfully imported:

<location path="WebImageButton.js">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

This isn t very good as I have a number of custom controls that do the same thing, and I don t particularly fancy authenticating each of their js files individually.

Is there no way that I can declare that all imported script references should be allowed? I tried authorising the WebResource.axd file in-case that allows it, but the page itself (when rendered) physically references the WebImageButton.js file.

The ideal scenario would be something like the following:

  <location path="My.WebControlLibraryProject.Controls">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

Is there any way to achieve this without listing each file?

EDIT: Just to be clear, these script files are in another project and are not in my actual web project. I know how to declare the location paths of directory paths to include a large number of files in one wack, but I can t figure out how to authenticate automatic script references, which are from embedded resources.

Answer 1

Is the WebImageButton.js an embedded resource? As I ve seen, you had implemented IScriptControl. Thus, you must return all of script references on the IScriptControl.GetScriptReferences. I think an embedded resource never be authorized. I use some of custom controls in different situation and don t have any problem. I m wondering that script manager references to WebImageButton.js directly, and not in form of .axd file. So, I think the problem is arising from your resource file.

public class WebImageButton : LinkButton, IScriptControl, IButtonControl
{

    protected ScriptManager ScriptManager
    {
        get
        {
            ScriptManager scriptManager = ScriptManager.GetCurrent(this.Page);
            if (scriptManager == null)
            {
                throw new System.Web.HttpException("<snip>");
            }
            return scriptManager;
        }
    }

    protected override void Render(HtmlTextWriter writer)
    {
        base.Render(writer);

        this.ScriptManager.RegisterScriptControl<WebImageButton>(this);
    }

    #region IScriptControl Members

    public System.Collections.Generic.IEnumerable<ScriptDescriptor> GetScriptDescriptors()
    {
        yield break;
    }

    public System.Collections.Generic.IEnumerable<ScriptReference> GetScriptReferences()
    {
        yield return new ScriptReference("<snip>.WebImageButton.js", "Assembly Name");
    }

    #endregion

}

Answer 2

This is just a guess - have you tried putting in a wildcard in the location path? Perhaps something like < location path="*.js">?

Answer 3

You can specify a generic location and put all your scripts there so that all the scripts that don t require authorization will pass. You just need to change the path to whatever folder you want it to be and put the scripts there.

That will work for not only scripts, but other resources as well, such as images, style sheets, etc.

友情链接