When creating a new ASP.NET application in Visual Studio, a couple of files and folders are created automatically. One of those folders is called App_Data.
Also when publishing a website by selecting the menu option Build->Publish a checkbox is available Include files from the App_Data folder.
Am I right assuming that the files put in this file and its sub-folders are not going to be accessible through the web? For example, would it be safe to put in that folder resources that I only intend to be used by the application code?
What is the real intended use of the App_Data folder?
EDIT:
Thank you for all the answers. From the answers received so far I am interested mostly in two points mentioned:
Would someone be able specify how the "not viewable by the web" is ensured? Can I rely on that fact when performing standard deployment, or do I need to check some IIS settings on the server as well.
In the situation when I have a set of pdf files that I want to be accessible only from the application. Would App_Data folder be the right place to use, or should I create a separate folder and manually set IIS to ensure that it is not accessible by Web?
App_Data is essentially a storage point for file-based data stores (as opposed to a SQL server database store for example). Some simple sites make use of it for content stored as XML for example, typically where hosting charges for a DB are expensive.