How to define root; No access with controller name and default method

ali niknami 21 Reputation points

Hello ; I defined a new root: (dotnet core 5 version)

            app.UseEndpoints(endpoints =>  
                     name: "contact",  
                     pattern: "contact-us",  
                     defaults: new { Controller = "Home", Action = "Contact" }  
                    name: "default",  
                    pattern: "{controller=blog}/{action=Index}/{id?}/{title?}");  

When I enter the "contact-us" address in the URL , I get access to "Contact" action.So far everything looks good.
But when I enter the default address "Home/Contact", I will still have access to this method!.. Is it possible for the user to have access with the address that I defined in the root?

I want the user to not be able to access the action by entering the default address of the controller and method

An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,601 questions
0 comments No comments
{count} votes

Accepted answer
  1. Michael Taylor 50,836 Reputation points

    You are defining a custom route but you are also allowing the default route to work. You can't have both. If you don't want the user to be able to use a default route then you need to leave off the default route definition and use only custom routes. Ideally though you can do this as attributes on the controller itself rather than mapping all this in your startup. Attributes on the controller are cleaner, easier to manage, more related to the code that they apply to and helps keep everything organized. If you go that route then you don't need default routing and hence the user won't have access to that default route that you want disabled.

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful