Secure the code of a published WS?

[MikeL]

Hello.

When I initially published a WS that I developed using VS there was a bug in
the code. In a client app that I wrote to test the WS I added a web
reference to the WS and ran a test, calling the published function, and it
bombed because of the coding error. To my surprise the source of the WS was
opened up in Visual Studio.

Is that code available to everyone? Why did it open up in VS and do I need
to do something to secure the code?

Thanks in advance,

Mike

 

[Keenan Newton]

Well technically if you deploy your application correctly the source
code should not show up.

I am assuming the web service you were testing against was local on
your computer when you saw the visual studio IDe open up your code in
debug mode. The reason for this is because you are probably compiling
the application in debug mode. Wehn you do this it created these
".pdb" symbol files that tell the CLR when it runs onto a certain line
of MSIL code which line of C# or VB.Net code it corresponds to the pdb
files alos tell where to look for the code on a computer. So if you
deploy the application to a production with the code files and had
compiled it in debug mode. If an exception is raised you will see a
stack trace that will shows the lines of code and the full file path of
where the code was located on the machine it was orgianlly compiled on.


So as a rule of thumb when you compile your application to be deployed
to production build it in Release mode