search

RickStrahl / Westwind.Globalization

Database driven resource localization for .NET applications
544 stars 135 forks source link

LocalizationFormWebPath configuration does not work #108

Closed khoanguyen closed 6 years ago

khoanguyen commented 6 years ago

I have my setting as below image

However the path doesn't change, it just shows 404 page when accessing "\~/abcd/index.html" And I can only access the Editor at default location "\~/LocalizationAdmin/index.html"

Furthermore, how can I disable Resource Editor on Production? if anyone know the editor URL they can go there and drop my resources. I could not find away to drop it. I deleted the LocalizationFormWebPath config from web.config but when navigating to the default location, that config was automatically added with default value again.

Below are Westwind packages in my project image

Thanks and Regards

khoanguyen commented 6 years ago

For people who wants to achieve the same thing as above, while waiting for the solution, my current workaround is applying security on ~/LocalizationAdmin path in Production web.config

...
 <location path="LocalizationAdmin">
    <system.web>
      <authorization>
        <deny users="*"/>
      </authorization>
    </system.web>
  </location>
...

The Editor still loads, but all the AJAX request for loading, updating resource will be blocked. It just shows a blank Editor.

RickStrahl commented 6 years ago

Yes that's the right way to approach this.

In the ASP.NET Core version there's a special configuration delegate option that allows you to explicitly check for authentication but for classic ASP.NET you can easily use existing security (either Windows folder security or forms authentication to the folder).