HTTPS site - issues with accessing the image button/folder

Last post 11-22-2005, 5:18 AM by rcroeder. 3 replies.
Sort Posts: Previous Next
  •  10-13-2005, 3:25 PM 11710

    HTTPS site - issues with accessing the image button/folder

        My client has their site under SSL security...What needs to be done to allow them to access the image folder, as well as upload images.  I have the proper IUSR account giving anonymous access to that folder, but am getting this error within the image selection popup...
     
    THE AREA YOU ARE ATTEMPTING TO ACCESS IS FORBIDDEN
     
     
    Any help would be greatly appreciated!
     
    THX
     
    Matt Espo
  •  10-13-2005, 6:06 PM 11716 in reply to 11710

    Re: HTTPS site - issues with accessing the image button/folder

    Matt,

    It has nothing to do with the https.

    It looks like the security session of the current user has expired.

     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

  •  10-17-2005, 3:22 PM 11769 in reply to 11716

    Re: HTTPS site - issues with accessing the image button/folder

    So is this related to the IUSR account not having proper permissions?  What permissions should the anonymous user have to be able to read/post image files.  Unfortunately, we do not host this server and I cannot see what the Admin has set for permissions on this folder.
     
    Thanks for the help!
     
    Matt Espo
  •  11-22-2005, 5:18 AM 12849 in reply to 11710

    Re: HTTPS site - issues with accessing the image button/folder

    Matt,
     
    I have had this problem too. It is related to the image popup window (and document, media and flash) not trasfering the current sessions to the window. The problem is in the browse_img.asp file line 14
     
    If InStr(Lcase(ImageGalleryPath),Lcase(trim(Session("ImageGalleryPath")))) <= 0 or Session("ImageGalleryPath") ="" then Response.Write "The area you are attempting to access is forbidden"
    Response.End
    End If
     
    I found flushing the cache does help, it would be useful of CuteSoft would pass a randomize string variable when calling the popup. It dies badly with Mac safari. I added CacheControl and AddHeader (http://support.microsoft.com/kb/q234067/) and it seems to help.
     
    On the site security, if you have access to the server, make a user id for the client to login on, lock the directory down to that user account via NT secuirty, and the allow access only to that user account.
View as RSS news feed in XML