.AXD Available to the World? RRS feed

  • Question

  • User851106092 posted

    I may be completely wrong, but I was under the impression that embedding your scripts, etc. in WebResource.axd provided obfuscation from the client. For instance, if I attempt to navigate in my browser to http://mydomain.com/WebResource.axd, I'll be given a 404 error.  That's expected, and I don't have a single problem with that.

    BUT...if I navigate to a page that uses those embedded resources and choose "Save As... -> HTML, Complete" then all of the AXDs are downloaded to the "pagename_files" folder on my computer.  That leaves every bit of script open to everyone to see.  Why would that be allowed?  Anybody could reverse engineer your custom controls.

    Monday, May 21, 2007 12:19 PM


  • User-1765504541 posted

    I'm afraid that the browser must be able to download your scripts in order to run them. The 404 is only because when visiting WebResource.axd, you have not provided a valid parameter for the "d" request argument (e.g. http://mydomain.com/WebResource.axd?d=bigUglyString)

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, May 21, 2007 6:09 PM