Home > OS >  How can I prevent people from pasting links to documents?
How can I prevent people from pasting links to documents?

Time:10-13

I designed an MVC app with authorization that works great. In my app, a user can click a link to view a document. The document displays in another tab. If the user saves that link, logs out, and comes back (without logging in), they can paste the link into the browser to see the document. They can also change the parameters in the link to view documents that may or may not be associated with their account. The link is create as:

@Html.ActionLink("View", "CertificatePDF", "Documents", new { wo_nbr = Model.id}, new { target = "_blank" })

This creates the following link: http://xxx.yyy.com/Documents/CertificatePDF?wo_nbr=1000462209

How can I prevent users from viewing/changing documents unless they are logged into the app?

CodePudding user response:

Add the [Authorize] attribute to your CertificatePDF action. This should require users to be authenticated. You can add the attribute to your controller class if you want everything to require authentication. Also for the opposite you can add the [AllowAnonymous] attribute to bypass authentication.

Page link:https//www.codepudding.com/os/149852.html

Prev:ASP.NET MVC Connection Problem (Error: System.Data.SqlClient.SqlException)
Next:During a git merge, how can I see which commit(s) are being merged
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding