Typically, default server configuration does not allow to upload files with Image Uploader Flash. This topic describes how to configure a server you are going to deploy Image Uploader Flash properly.

Disabling Requset Validation

ASP.NET automatically validates a request or rejects it if there are dangerous fields. However, Image Uploader Flash sends files data in text fields (instead of binary ones) due to Adobe Flash Player limitations. IIS may treat this behavior as potentially dangerous and, thus, you can get the following error during uploading:

A potentially dangerous Request.Form value was detected from the client

In this case you should disable the request validation on the page which processes the upload request:

<%@ Page Language="C#" ValidateRequest="false" %>

Configuring Permissions

The folder where you are going to save files should have modify permissions. Depending on your operating system it can be set in one of the following ways:

  • On Windows NT/2000/XP you should grant the modify permission to the Internet guest user (IUSR_<machinename>).
  • On Windows 2003 Server you should grant the modify permission to the NETWORK SERVICE group.
  • On Windows Vista/2008 Server/7 you should grant the modify permission to the account your site application pool is running under, Network Service by default.

Configuring Maximum POST Request Length

Usually limitation for maximum POST request length is specified to reduce the risk of DoS attacks. If the request size exceeds a specific value, it is considered malicious and the upload would be broken.

If you are going to upload files larger than the default limitation, increase the latter.

For IIS 7:

  1. Go to C:\Windows\System32\inetsrv\config\applicationHost.config and change

    XML

    <section name="requestFiltering" overrideModeDefault="Deny" />

    to:

    XML

    <section name="requestFiltering" overrideModeDefault="Allow" />
  2. Add to your application web.config the following sections:

    XML

    <system.webServer>
        <security>
            <requestFiltering>
                <requestLimits maxAllowedContentLength ="2147482624" /> <!-- in bytes -->
            </requestFiltering>
        </security>
    </system.webServer>

    XML

    <system.web>
         <httpRuntime maxRequestLength="2097151"/> <!-- in kilobytes -->
    </system.web>

For IIS 6:

Add to your application web.config the following section:

XML

<system.web>
    <httpRuntime maxRequestLength="2097151"/> <!-- in kilobytes -->
</system.web>