我通过将连接字符串从web.config中移出到外部文件中,而不将其检查到源代码管理中,也没有将其添加到项目中来保护我的MVC5项目。
I am securing my MVC5 project, by moving the connection strings out of web.config into an external file, and not checking this into source control, nor adding it to the project.
我的web.config看起来像
My web.config looks like
<configuration> <connectionStrings configSource="ConnectionStrings.config" />这在开发中非常有效。
This works perfectly in development.
我将网站托管在Azure网站中,并且已经在配置门户中手动定义了连接字符串。
I have the website hosted in Azure WebSites, and I have manually defined the connectionstrings in the configuration portal.
问题在于,当我发布到Azure时,出现错误 无法打开configSource文件'ConnectionStrings.config'。
The problem is that when I publish to Azure, I get the error "Unable to open configSource file 'ConnectionStrings.config'."
是否有一种方法可以覆盖web.config中的Connection Strings元素,以便它不会尝试查找外部文件? Web Transforms能够做到这一点吗?
Is there a way to override the Connection Strings element in the web.config so it will not try and find the external file? Is Web Transforms able to do this?
在此先感谢所有帮助
推荐答案在web.config上使用RemoveAttributes转换,并在部署到Azure时删除configSource属性。
Use a RemoveAttributes transform on the web.config and remove the configSource attribute on deploy to Azure.
更多推荐
部署到Azure时找不到ConnectionString configSource
发布评论