问题
I'm attempting to find a way to preventing a user from accessing a specific xml file. I've tried doing...
routes.MapRoute(
"SiteMap",
"SiteMap/siteMap.xml",
new { },
new { isLocal = new LocalHostRouteConstraint() });
Where the LocalHostRouteConstraint() is...
public class LocalHostRouteConstraint : IRouteConstraint
{
public bool Match(System.Web.HttpContextBase httpContext, Route route, string parameterName, RouteValueDictionary values, RouteDirection routeDirection)
{
return !httpContext.Request.IsLocal;
}
}
This is the implementation on this page...
http://www.asp.net/mvc/tutorials/creating-a-custom-route-constraint-cs
But routes are still allowed to access the xml!
Is there another way to prevent this?
EDIT Forgot to mention to ignore the ! In the LocalHostRouteConstrsint class. Was doing that for testing for it to work.
回答1:
Does the restriction have to be in the MVC routes?
If not, you can put the following right before the </configuration> closing tag in your web.config:
<location path="SiteMap/siteMap.xml">
<system.web>
<authorization>
<deny users="*"/>
</authorization>
</system.web>
</location>
来源:https://stackoverflow.com/questions/4938712/asp-net-mvc-routing-preventing-a-route-to-an-xml-file-with-a-constraint