Develop Reference

ASP.NET Web.Debug and Web.Release file transformations

First of all I know there are several pages about this issue e.g. Web.Config Debug/Release, Web.config Transformation Syntax now generalized for any XML configuration file and Web.config File Transformations. But most of them are outdated and does not mentioned clearly about all of the three files: Web.config, Web.Debug.config, Web.Release.config.
So, assume that I have the following settings for Web.config:
Web.config:
<appSettings>
<add key="ClientId" value="xxxxx"/>
<add key="ClientSecret" value="xxxxx"/>
</appSettings>
And I want to use these settings in debug and release in the following ways:
Web.Debug.config:
<appSettings>
<add key="ClientId" value="ddddd"/>
<add key="ClientSecret" value="ddddd"/>
</appSettings>
Web.Release.config:
<appSettings>
<add key="ClientId" value="rrrrr"/>
<add key="ClientSecret" value="rrrrr"/>
</appSettings>
1) What is the procedures to perform this accurately? I think while debugging and publishing, these settings are used automatically according to my selection Debug or Release in Visual Studio run and publish dialog. Is that true?
2) Should I remove these settings from Web.config after moving to Web.Debug.config and Web.Release.config?
3) What is the Test selection in the Configuration field of the Publish dialog in VS?
Any help would be appreciated.

I would recommend reading an overview of how web.config transforms work:
https://blog.elmah.io/web-config-transformations-the-definitive-syntax-guide/
In general, the Web.*.config files will make changes to the Web.config file depending on the selected publish configuration in Visual Studio. For example, if you want to update/replace a value in a debug publish, your Web.Debug.config file should look like:
<configuration xmlns:xdt="...">
<appSettings>
<add key"ClientId" value="ddddd" xdt:Transform="SetAttributes" xdt:Locator="Match(key)" />
<add key"ClientSecret" value="ddddd" xdt:Transform="SetAttributes" xdt:Locator="Match(key)" />
</appSettings>
</configuration>
Here is the current Microsoft documentation on how these work:
https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/iis/transform-webconfig?view=aspnetcore-3.1

ASP.NET Terminating due to Timeout

The script crashes over timeout. Where can I customize? I understand that in the application itself in web.config you need to register something like
<system.web>
<httpRuntime executionTimeout="10000" />
</system.web>
If I understand correctly, then I don’t understand where exactly to put this tag?
I have this structure in web.config
configuration
location
system.webServer
security
handlers
aspNetCore

You can configure this sitewide as a child of the configuration node.
https://learn.microsoft.com/en-us/dotnet/framework/configure-apps/file-schema/web/
You can also configure them with more granularity, as a child of your location node(s)
<location path="foo">
<system.web>
<!-- Set execution timeout to 6 minutes -->
<httpRuntime executionTimeout="360" />
</system.web>
</location>

Why my app does not load correctly on local server?

I'm setting up a new app on a server on my work and when I access to the ip address on the explorer shows the default app
Default app
but when I try to access to the app that i created shows this error
My app
This is my web.config file
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<system.webServer>
<defaultDocument>
<files>
<clear />
<add value="Default.aspx" />
</files>
</defaultDocument>
</system.webServer>
<system.web>
<compilation targetFramework="4.5.2" />
<httpRuntime targetFramework="4.5.2" />
<pages>
<controls>
<add tagPrefix="ajaxToolkit" assembly="AjaxControlToolkit" namespace="AjaxControlToolkit" />
</controls>
</pages>
</system.web>
<appSettings>
<add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
</appSettings>
</configuration>
This are my files
Files of application
I tried a lot of solutions, like permitions on folders on the IIS manager, enabling anonymous access, modifying web.config file, modifying the AutoEventWireup="true|false " etc but all of them leads me to the same error, can it be a compilation error? I am publishing via file system and pasted it on the wwwroot directory
Also I am using master pages except for the first page (the login)

With the configuration you are showing you most likely need to configure a virtual directory in IIS for your application to run in.

I solved my problem (not sure what I did diferent than before but its working now)
Instead of adding another website I added an application on the default website
and that solved the problem
Thanks a lot

A potentially dangerous Request.Path value was detected from the client (<)

I first searched for this issue on stack & some other sites & implemented solution in web.config file but still getting the error..
My web.config
<system.web>
<compilation debug="true" strict="false" explicit="true" targetFramework="4.5.2"/>
<httpRuntime requestPathInvalidCharacters="<,>,*,%,&,:,\,?" targetFramework="4.5.2" requestValidationMode="2.0"/>
<customErrors mode="Off"/>
<trust level="Full"/>
<pages validateRequest="false">
<namespaces>
<add namespace="System.Runtime.Serialization"/>
<add namespace="System.ServiceModel"/>
<add namespace="System.ServiceModel.Web"/>
</namespaces>
</pages>
</system.web>
I am trying to get Iframe source values from my db table. It's google map I want to include in my page..

This error signals that you are issuing web request with '<' character, and Asp.Net has some prevention against using potentially malicious characters. You should probably set
<system.web><httpRuntime requestPathInvalidCharacters="" /><pages validateRequest="false" /></system.web>
See also http://www.christophercrooker.com/use-any-characters-you-want-in-your-urls-with-aspnet-4-and-iis
But keep in mind that you are switching off functionality that exists to make it harder for attackers to break your web application. So, if I were you, I would first think if I can change the app to not use forbidden chars in URLs

blank asp.net site shows web.config error when i try to access it

I have created a blank asp.net website consisting of a blank default.aspx page, its .cs file, a login.aspx page and its .cs and a web.config. I'm looking to test .net authentication as seen in here on the MSDN site. I've copied everything as shown in the article. I set up the site in IIS6 now when I go to the site I get the runtime error with the:
"To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off"."
message. when I add the customErrors mode="On" tag to the web.config I still get this error like its not looking at the web.config. I've triple checked IIS and its definitely looking at the right site folder. Here's my web.config:
<?xml version="1.0"?>
<configuration>
<system.web>
<customErrors mode="On"/>
<authentication mode="Forms">
<forms loginUrl="Logon.aspx" name=".ASPXFORMSAUTH">
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
<compilation debug="false" targetFramework="4.0" />
</system.web>
</configuration>
I usually set sites up through CMS installations. This is the first time I've done one from a blank site in visual studio. Is there more you need to add to web.config?

set
<customErrors mode="Off"/>
to see the actual error.

You need to set
Not "On" to see the actual error with stacktrace.