Upgrade your Internet Experience
Microsoft.com
Welcome Sign in
Microsoft Developer Network
Click to Rate and Give Feedback
Collapse All/Expand All Collapse All
IIS 7.0: fileExtensions Element for requestFiltering (IIS Settings Schema)

Specifies which file name extensions are allowed or denied to limit types of requests sent to the Web server.

configuration Element [IIS 7 Settings Schema]
  system.webServer Section Group [IIS 7 Settings Schema]
    IIS 7.0: security Element (IIS Settings Schema)
      IIS 7.0: requestFiltering Element for security (IIS Settings Schema)
        IIS 7.0: fileExtensions Element for requestFiltering (IIS Settings Schema)
<fileExtensions 
   allowUnlisted="true | false"
   applyToWebDAV="true | false"
>
   <add... />
   <remove... />
   <clear />
</fileExtensions>
 Attributes and Elements

The following sections describe attributes, child elements, and parent elements for this section.

Attributes

Attribute

Description

allowUnlisted

Optional Boolean attribute.

Specifies whether the Web server should process files that have unlisted file name extensions. If you set this attribute to true, you must list all file name extensions you want to deny. If you set this attribute to false, you must list all file name extensions you want to allow.

The default value is true.

applyToWebDAV

Optional Boolean attribute.

Specifies whether these settings should also apply to WebDAV requests.

Child Elements

Element

Description

add

Optional element.

Adds a file name extension to the collection of file name extensions.

remove

Optional element.

Removes a reference to a file name extension from the fileExtensions collection.

clear

Optional element.

Removes all references to file name extensions from the fileExtensions collection.

Parent Elements

Element

Description

configuration

Specifies the root element in every configuration file that is used by IIS 7.

system.webServer

Specifies the top-level section group (in ApplicationHost.config) in which this element is defined.

security

Specifies the section group that contains security-related sections.

requestFiltering

Specifies configuration settings for request filtering.
 Remarks

Default Configuration

The following default <fileExtensions> element is configured in the root ApplicationHost.config file in IIS 7. This configuration section inherits the default configuration settings unless you use the <clear> element.

   <requestFiltering>
      <fileExtensions allowUnlisted="true">
         <add fileExtension=".asa" allowed="false" />
         <add fileExtension=".asax" allowed="false" />
         <add fileExtension=".ascx" allowed="false" />
         <add fileExtension=".master" allowed="false" />
         <add fileExtension=".skin" allowed="false" />
         <add fileExtension=".browser" allowed="false" />
         <add fileExtension=".sitemap" allowed="false" />
         <add fileExtension=".config" allowed="false" />
         <add fileExtension=".cs" allowed="false" />
         <add fileExtension=".csproj" allowed="false" />
         <add fileExtension=".vb" allowed="false" />
         <add fileExtension=".vbproj" allowed="false" />
         <add fileExtension=".webinfo" allowed="false" />
         <add fileExtension=".licx" allowed="false" />
         <add fileExtension=".resx" allowed="false" />
         <add fileExtension=".resources" allowed="false" />
         <add fileExtension=".mdb" allowed="false" />
         <add fileExtension=".vjsproj" allowed="false" />
         <add fileExtension=".java" allowed="false" />
         <add fileExtension=".jsl" allowed="false" />
         <add fileExtension=".ldb" allowed="false" />
         <add fileExtension=".dsdgm" allowed="false" />
         <add fileExtension=".ssdgm" allowed="false" />
         <add fileExtension=".lsad" allowed="false" />
         <add fileExtension=".ssmap" allowed="false" />
         <add fileExtension=".cd" allowed="false" />
         <add fileExtension=".dsprototype" allowed="false" />
         <add fileExtension=".lsaprototype" allowed="false" />
         <add fileExtension=".sdm" allowed="false" />
         <add fileExtension=".sdmDocument" allowed="false" />
         <add fileExtension=".mdf" allowed="false" />
         <add fileExtension=".ldf" allowed="false" />
         <add fileExtension=".ad" allowed="false" />
         <add fileExtension=".dd" allowed="false" />
         <add fileExtension=".ldd" allowed="false" />
         <add fileExtension=".sd" allowed="false" />
         <add fileExtension=".adprototype" allowed="false" />
         <add fileExtension=".lddprototype" allowed="false" />
         <add fileExtension=".exclude" allowed="false" />
         <add fileExtension=".refresh" allowed="false" />
         <add fileExtension=".compiled" allowed="false" />
         <add fileExtension=".msgx" allowed="false" />
         <add fileExtension=".vsdisco" allowed="false" />
      </fileExtensions>
      <verbs allowUnlisted="true" />
      <hiddenSegments>
         <add segment="web.config" />
         <add segment="bin" />
         <add segment="App_code" />
         <add segment="App_GlobalResources" />
         <add segment="App_LocalResources" />
         <add segment="App_WebReferences" />
         <add segment="App_Data" />
         <add segment="App_Browsers" />
      </hiddenSegments>
   </requestFiltering>
 Element Information

Configuration locations

Machine.config

ApplicationHost.config

Root application Web.config

Application Web.config

Directory Web.config

Requirements

Microsoft Internet Information Services (IIS) version 7.0
 See Also

Reference

IIS 7.0: add Element for fileExtensions for requestFiltering (IIS Settings Schema)
IIS 7.0: remove Element for fileExtensions for requestFiltering (IIS Settings Schema)
IIS 7.0: clear Element for fileExtensions for requestFiltering (IIS Settings Schema)
© 2009 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks | Privacy Statement
Page view tracker