I have a .NET application which uses a Web.config which in turn uses ConnectionStrings.config. By default .NET uses xml for it's config files.
I found a solution where the content of such a file is base64 encoded in a secret and decoded and stored during the build process. Most applications work with untracked/secret files like a .env.
I wonder if there is a better solution or a best practice.
GitLab supports "file type variables" which can be used to supply files with secrets to jobs. Common use cases include things like SSH keys, but should be usable for your needs.
Though, web.config also supports utilizing environment variables. That's probably the most straightforward approach. See the Microsoft Docs for more information.