• Choose a category
• All
• Classic-Fiction

Element

Description

bufferModes

Used with Microsoft SQL Server and Web event providers (with built-in e-mail capability) to determine how often to flush the various events to the provider and the size of the intermediate buffer.

eventMappings

Maps friendly event names to the event classes. You use this element to register custom event types.

profiles

Defines parameter sets to use when configuring events.

providers

Defines the health monitoring providers that process events. Predefined providers write to a SQL Server table and the Event Log, and they send e-mail. You use this element to register custom Web event providers.

rules

Maps events to providers.

The interval for the heartbeat event is set to 0 by default, meaning that no heartbeat event is raised by default.

The Section

The section defines configuration settings that control the behavior of the application-hosting environment. As you can see in the following code segment, the section has three attributes: idleTimeout, shadowCopyBinAssemblies, and shutdownTimeout:

shadowCopyBinAssemblies="true|false"

shutdownTimeout="number"

urlMetadataSlidingExpiration="HH:MM:SS" />

The idleTimeout attribute sets the amount of time to wait before unloading an inactive application. It is set to Infinite by default, meaning that inactive applications are not automatically unloaded. Note also that “inactive” doesn’t mean nonresponsive; an application is inactive if no user is working with it, and this is normally not by itself a good reason to kill it. The shadowCopyBinAssemblies attribute indicates whether the assemblies of an application in the Bin directory are shadow-copied to the application’s ASP.NET temporary files directory. It is true by default. Finally, the shutdownTimeout attribute sets the number of seconds (30 by default) it should take to shut down the application. Finally, the urlMetadataSlidingExpiration attribute indicates for how long the URL metadata will be cached by ASP.NET. The default is 1 minute. Both idleTimeout and urlMetadataSlidingExpiration attributes can be set to any time span, ranging from seconds to minutes and hours.

Note

Shadow-copy is a feature of the .NET Framework that ASP.NET uses extensively. When shadow-copy is enabled on an AppDomain, assemblies loaded in that AppDomain will be copied to an internal cache directory and used from there. In this way, the original file is not locked and can be changed at will. In ASP.NET, you can control the feature through the shadowCopyBinAssemblies attribute.

The Section

The section is used to configure properties for cookies used by ASP.NET applications. Here is the overall schema:

httpOnlyCookies="true|false"

requireSSL="true|false" />

The domain attribute indicates the default Internet domain of the cookie and is set to the empty string by default. The requireSSL attribute is false by default. If it’s true, SSL is required for all cookies. The httpOnlyCookies attribute enables ASP.NET to output an extra HttpOnly cookie attribute that can help mitigate cross-site scripting threats that result in stolen cookies. When a cookie that has the HttpOnly attribute set to true is received by a compliant browser such as Internet Explorer 6 SP1 (and superior), it is inaccessible to client-side script. Adding the HttpOnly attribute is as easy as appending the HttpOnly string to the path of all response cookies.

Caution

The HttpOnly attribute is helpful when it comes to raising the security bar, but it is not a silver bullet. Any network monitoring tool, in fact, can easily detect it, thus giving malicious users an important bit of help.

Finally, note that any settings defined in the section can be overridden by classes that actually create cookies in ASP.NET pages.

The Section

The section configures some run-time parameters for the ASP.NET pipeline. Interestingly enough,