Timeline for Anonymous Controller/Action within Authorized Site
Current License: CC BY-SA 3.0
4 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Feb 14, 2018 at 1:24 | vote | accept | DiscipleMichael | ||
| Feb 14, 2018 at 1:24 | comment | added | DiscipleMichael | Right on richzilla. That's the approach I'm already using. It just wanted to know if it introduced any vulnerabilities that otherwise wouldn't be there. As the access request portion is actually a separate site at the moment, that I don't want to maintain. I want to bring it in to the existing site, but wanted to have solid ground to stand on when I say that it's not introducing new vulnerabilities foundationally. See, I have to explain the work to non-development staff. Thanks I'm marking this as the answer, unless someone offers a valid dispute. | |
| Feb 13, 2018 at 14:54 | comment | added | Berin Loritsch | If you require Authorize at the class level, you don't have to add Authorize to each action. Just the ones you want to override (i.e. AllowAnonumous | |
| Feb 12, 2018 at 23:22 | history | answered | richzilla | CC BY-SA 3.0 |