This repository has been archived by the owner on Dec 14, 2018. It is now read-only.
/
Web.config
60 lines (59 loc) · 3.06 KB
/
Web.config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
<?xml version="1.0"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<configSections>
<section name="antiXssModuleSettings" type="ProceXSS.Configuration.XssConfigurationHandler, ProceXSS, Version=1.6.0, Culture=neutral"/>
</configSections>
<connectionStrings>
<add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient"/>
</connectionStrings>
<antiXssModuleSettings redirectUrl="/Default.aspx" log="False" mode="Ignore" isActive="True" controlRegex="(javascript[^*(%3a)]*(\%3a|\:))|(\%3C*|\<)[\/]*script|(document[\.])|(window[^a-zA-Z_0-9]*[\%2e|\.])|(setInterval[^a-zA-Z_0-9]*(\%28|\())|(setTimeout[^a-zA-Z_0-9]*(\%28|\())|(alert[^a-zA-Z_0-9]*(\%28|\())|eval[^a-zA-Z_0-9]*(\%28|\()|(((\%3C) <)[^\n]+((\%3E) >))">
<excludeUrls>
<!--<add name="url1" value="/"/>
<add name="url2" value="/default.aspx"/>-->
</excludeUrls>
</antiXssModuleSettings>
<!--
For a description of web.config changes see http://go.microsoft.com/fwlink/?LinkId=235367.
The following attributes can be set on the <httpRuntime> tag.
<system.Web>
<httpRuntime targetFramework="4.6.1" />
</system.Web>
-->
<system.web>
<compilation debug="true" targetFramework="4.6.1"/>
<authentication mode="Forms">
<forms loginUrl="~/Account/Login.aspx" timeout="2880"/>
</authentication>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/"/>
</providers>
</membership>
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
</providers>
</profile>
<roleManager enabled="false">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/"/>
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/"/>
</providers>
</roleManager>
<httpRuntime requestValidationMode="2.0"/>
<pages validateRequest="false" controlRenderingCompatibilityVersion="4.0"/>
<!--<httpModules>
<add name="ProceXSSModule" type="ProceXSS.ProceXSSModule, ProceXSS, Version=1.6.0, Culture=neutral" />
</httpModules>-->
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>