0

I'd like to create WCF operation contract which consumes a string, produces a public webpage and then returns the address of this new page.

[ServiceContract(Namespace = "")]
public class DatabaseService
{
    [OperationContract]
    public string BuildPage(string fileName, string html)
    {

        //writes html to file
        //returns public file url

    }
}

This doesn't seem like it should be complicated but i cant figure out how to do it. So far what i've tried is this:

[OperationContract]
public string PrintToFile(string name, string text)
{
    FileInfo f = new FileInfo(name);
    StreamWriter w = f.AppendText();
    w.Write(text);
    w.Close();
    return f.Directory.ToString();
}

Here's the problem. This does not create a file in the web root, it creates it in the directory where the webdav server is running. When i run this on an IIS server it seems to do nothing at all (at least not that i can tell). How can I get a handle to the webroot programmatically so that i can place the resultant file there and then return the public URL? I can tack on the domain name after the fact without issue so if it only returns the relative path to the file that's fine.

Thanks, brian

Brian Sweeney
  • 6,415
  • 12
  • 50
  • 68
  • 3
    You do realize that this is a massive, gaping security hole, right? As written, this allows the user to upload any file, with any content, to any location. Including illegal content, scripts, ASPX pages, or even executables. – Aaronaught May 12 '10 at 21:35
  • found some related discussion here: http://stackoverflow.com/questions/791468/how-to-get-working-path-of-a-wcf-application The code used to get the web root is: string apPath = System.Web.Hosting.HostingEnvironment.ApplicationPhysicalPath; Still need to figure out how to turn it into a url... – Brian Sweeney May 12 '10 at 21:47
  • @Aaronaught i had not even considered that! Good point! In actuality im probably not going to pass in the html from the client side, i'll prob pass in an object (created by my client app) and use it to create the html on the server side. Additionally, i think it would be pretty easy to add a password if not some stronger type of authentication before actually generating the html. Thanks for the input though. – Brian Sweeney May 12 '10 at 21:51

1 Answers1

0

Why do you need to programatically determine the path, don't you know the it? Can't you just put it in a config file and read it from there?

Ben Robinson
  • 20,984
  • 5
  • 58
  • 76
  • I suppose i could but id rather not. The app is intended to be deployed in a variety of places and anything that reduces the amount of config files that need to be changed by me is pretty awesome. – Brian Sweeney May 12 '10 at 22:38