Share via


add Element for httpHandlers (ASP.NET Settings Schema) 

Adds a handler to an application. A handler is an IHttpHandler or IHttpHandlerFactory interface that processes requests for specific URLs.

<add verb="verb list"
          path="path/wildcard"
     type="type,assemblyname"
     validate="true|false" />

Attributes and Elements

The following sections describe attributes, child elements, and parent elements.

Attributes

Attribute Description

path

Required attribute.

Specifies that the path attribute can contain either a single URL path or a simple wildcard string (for example, *.aspx).

type

Required attribute.

Specifies a comma-separated class/assembly combination. ASP.NET searches for the assembly DLL first in the private \bin directory for the application, and then in the system assembly cache.

verb

Required attribute.

Specifies that the verb list can be either a comma-separated list of HTTP verbs (for example, "GET, PUT, POST") or a start-script mapping (for example, the asterisk [*] wildcard character).

validate

Optional attribute.

If false, ASP.NET will not try to load the class until the actual matching request comes. Potentially, this might delay the error but it does improve start-up time.

Child Elements

None.

Parent Elements

Element Description

configuration

Specifies the root element in every configuration file that is used by the common language runtime and the .NET Framework applications.

System.web

Specifies the root element for the ASP.NET configuration section.

httpHandlers

Maps incoming requests to the appropriate IHttpHandler or IHttpHandlerFactory interface, according to the URL and the HTTP verb that is specified in the request.

Remarks

The <httpHandlers> settings are inherited by subdirectives.

The <add> directives are processed in top-down, sequential order. If two or more <add> subdirectives specify the same verb/path combination, the final <add> overrides all others.

Microsoft Internet Information Services (IIS) has its own mode for mapping extensions to ISAPIs. For the settings for a given extension in this section to take effect, the extension must be mapped in IIS to ASP.NET ISAPI. For nonstandard extensions (something other than .aspx, .asmx, .asax, and so on), you must configure IIS.

Default Configuration

The following default add element is configured in the Machine.config file in the .NET Framework version 1.1.

<add verb="*" path="*.vjsproj" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="*.java" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="*.jsl" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="trace.axd" type="System.Web.Handlers.TraceHandler"/>
<add verb="*" path="*.aspx" type="System.Web.UI.PageHandlerFactory"/>
<add verb="*" path="*.ashx" type="System.Web.UI.SimpleHandlerFactory"/>
<add verb="*" path="*.asmx" type="System.Web.Services.Protocols.WebServiceHandlerFactory,
System.Web.Services, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" 
     validate="false"/>
<add verb="*" path="*.rem" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory
System.Runtime.Remoting, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
     validate="false"/>
<add verb="*" path="*.soap" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory,
System.Runtime.Remoting, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
     validate="false"/>
<add verb="*" path="*.asax" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="*.ascx" type="System.Web.HttpForbiddenHandler"/>
<add verb="GET,HEAD" path="*.dll.config" type="System.Web.StaticFileHandler"/>
<add verb="GET,HEAD" path="*.exe.config" type="System.Web.StaticFileHandler"/>
<add verb="*" path="*.config" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="*.cs" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="*.csproj" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="*.vb" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="*.vbproj" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="*.webinfo" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="*.asp" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="*.licx" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="*.resx" type="System.Web.HttpForbiddenHandler"/>
<add verb="*" path="*.resources" type="System.Web.HttpForbiddenHandler"/>
<add verb="GET,HEAD" path="*" type="System.Web.StaticFileHandler"/>
<add verb="*" path="*" type="System.Web.HttpMethodNotAllowedHandler"/>

The following default add element is configured in the Machine.config file in the .NET Framework version 1.0.

<add verb="*" path="trace.axd" type="System.Web.Handlers.TraceHandler" />
<add verb="*" path="*.aspx" type="System.Web.UI.PageHandlerFactory" />
<add verb="*" path="*.ashx" type="System.Web.UI.SimpleHandlerFactory" />
<add verb="*" path="*.asmx" type="System.Web.Services.Protocols.WebServiceHandlerFactory,
System.Web.Services, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" 
     validate="false"/> 
<add verb="*" path="*.rem" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory,
System.Runtime.Remoting, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
     validate="false"/>
<add verb="*" path="*.soap" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory,
System.Runtime.Remoting, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
     validate="false"/>
<add verb="*" path="*.asax" type="System.Web.HttpForbiddenHandler" />
<add verb="*" path="*.ascx" type="System.Web.HttpForbiddenHandler" />
<add verb="*" path="*.config" type="System.Web.HttpForbiddenHandler" />
<add verb="*" path="*.cs" type="System.Web.HttpForbiddenHandler" />
<add verb="*" path="*.csproj" type="System.Web.HttpForbiddenHandler" />
<add verb="*" path="*.vb" type="System.Web.HttpForbiddenHandler" />
<add verb="*" path="*.vbproj" type="System.Web.HttpForbiddenHandler" />
<add verb="*" path="*.webinfo" type="System.Web.HttpForbiddenHandler" />
<add verb="*" path="*.asp" type="System.Web.HttpForbiddenHandler" />
<add verb="*" path="*.licx" type="System.Web.HttpForbiddenHandler" />
<add verb="*" path="*.resx" type="System.Web.HttpForbiddenHandler" />
<add verb="*" path="*.resources" type="System.Web.HttpForbiddenHandler" />
<add verb="GET,HEAD" path="*" type="System.Web.StaticFileHandler" />
<add verb="*" path="*" type="System.Web.HttpMethodNotAllowedHandler" />

The following default add element is configured in the root Web.config file in the .NET Framework version 2.0.

<add path="trace.axd" verb="*" type="System.Web.Handlers.TraceHandler" validate="True" />
<add path="WebResource.axd" verb="GET" type="System.Web.Handlers.AssemblyResourceLoader" validate="True" />
<add path="*.axd" verb="*" type="System.Web.HttpNotFoundHandler" 
     validate="True" />
<add path="*.aspx" verb="*" type="System.Web.UI.PageHandlerFactory" validate="True" />
<add path="*.ashx" verb="*" type="System.Web.UI.SimpleHandlerFactory" validate="True" />
<add path="*.asmx" verb="*" type="System.Web.Services.Protocols.WebServiceHandlerFactory,
System.Web.Services, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" 
     validate="False" />
<add path="*.rem" verb="*" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory,
System.Runtime.Remoting, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
     validate="False" />
<add path="*.soap" verb="*" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory,
System.Runtime.Remoting, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
     validate="False" />
<add path="*.asax" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.ascx" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.master" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.skin" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.browser" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.sitemap" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.dll.config" verb="GET,HEAD" type="System.Web.StaticFileHandler" validate="True" />
<add path="*.exe.config" verb="GET,HEAD" type="System.Web.StaticFileHandler" validate="True" />
<add path="*.config" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.cs" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.csproj" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.vb" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.vbproj" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.webinfo" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.licx" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.resx" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.resources" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.mdb" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.vjsproj" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.java" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.jsl" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.ldb" verb="*" type="System.Web.HttpForbiddenHandler"  validate="True" />
<add path="*.dsdgm" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.ssdgm" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.lsad" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.ssmap" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.cd" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.dsprototype" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.lsaprototype" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.sdm" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.sdmDocument" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.mdf" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*.ldf" verb="*" type="System.Web.HttpForbiddenHandler" validate="True" />
<add path="*" verb="GET,HEAD,POST" type="System.Web.DefaultHttpHandler" validate="True" />
<add path="*" verb="*" type="System.Web.HttpMethodNotAllowedHandler" validate="True" />

Example

The following code example demonstrates how to map all HTTP requests for files with the file name extension .New to the class MyHandler.New and for HTTP GET and HEAD requests for files with the file name extension .MyNewFileExtension to the class MyHandler.MNFEHandler. Both classes are in the assembly MyHandler that is in the file MyHandler.dll.

<configuration>
   <system.web>
      <httpHandlers>
         <add verb="*" 
              path="*.New" 
              type="MyHandler.New,MyHandler"/>
         <add verb="GET,HEAD" 
              path="*.MyNewFileExtension" 
              type="MyHandler.MNFEHandler,MyHandler.dll"/>
     </httpHandlers>
   <system.web>
</configuration>

Element Information

Configuration section handler

System.Web.Configuration.HttpHandlersSection

Configuration member

System.Web.Configuration.SystemWebSectionGroup.HttpHandlers

Configurable locations

Machine.config

Root-level Web.config

Application-level Web.config

Virtual or physical directory–level Web.config

Requirements

Microsoft Internet Information Services (IIS) version 5.0, 5.1, or 6.0

The .NET Framework version 1.0, 1.1, or 2.0

Microsoft Visual Studio 2003 or Visual Studio 2005

See Also

Tasks

How to: Lock ASP.NET Configuration Settings

Reference

httpHandlers Element (ASP.NET Settings Schema)
system.web Element (ASP.NET Settings Schema)
<configuration> Element
clear Element for httpHandlers (ASP.NET Settings Schema)
remove Element for httpHandlers (ASP.NET Settings Schema)
System.Configuration
System.Web.Configuration

Concepts

ASP.NET Configuration Overview
ASP.NET Web Server Controls and Browser Capabilities
Securing ASP.NET Configuration
ASP.NET Configuration Scenarios

Other Resources

ASP.NET Configuration Files
ASP.NET Configuration Settings
General Configuration Settings (ASP.NET)
ASP.NET Configuration API