Skip to content

Commit e4130cf

Browse files
JeremyCaneyJeremyCaney
committed
Merge branch 'feature/Container-Response' into develop
`Container` topics are meant for internal organization, not external viewing. Currently, accessing one will generally throw a 500 error since there won't be a corresponding view associated with it. That's not the best experience, as it's an _expected_ error. Instead, the `ValidateTopicAttribute` has been updated to throw a 403 Unauthorized error when a `Container` is accessed directly. This is similar to how e.g. `List` (and `List` descendants) are handled today. Unlike `List`, however, children of `Container` can still be viewed. The complements a recent (but poorly documented) update in which the `SitemapController` was updated to exclude the `Container` from its output—while still including its children (87b6d1b). As an alternative to throwing a 403 Unauthorized, the `Container` content type may optionally be configured to support a `Url` attribute, thus allowing editors to configure an explicit redirect, if appropriate.
2 parents 85216c4 + d03acc1 commit e4130cf

File tree

1 file changed

+11
-0
lines changed

1 file changed

+11
-0
lines changed

OnTopic.AspNetCore.Mvc/ValidateTopicAttribute.cs

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -116,6 +116,17 @@ public override void OnActionExecuting(ActionExecutingContext filterContext) {
116116
return;
117117
}
118118

119+
/*------------------------------------------------------------------------------------------------------------------------
120+
| Handle containers
121+
>-------------------------------------------------------------------------------------------------------------------------
122+
| Like nested topics, containers are not expected to be viewed directly; if a user requests a container, return a 403 to
123+
| indicate that the request is valid, but forbidden. Unlike nested topics, children of containers are potentially valid.
124+
\-----------------------------------------------------------------------------------------------------------------------*/
125+
if (currentTopic.ContentType == "Container") {
126+
filterContext.Result = new StatusCodeResult(403);
127+
return;
128+
}
129+
119130
/*------------------------------------------------------------------------------------------------------------------------
120131
| Handle page groups
121132
>-------------------------------------------------------------------------------------------------------------------------

0 commit comments

Comments
 (0)