Update LoggedInOutlet.ts

[MasterKale]

• Updated activate() to handle a bug that enabled access to non-public routes after loading a public route
• Updated publicRoutes to reflect values returned by ComponentInstruction.urlPath
• Added a small comment clarifying the purpose of the boolean assigned to each route in publicRoutes

[MasterKale]

I discovered an issue in LoggedInOutlet that allowed you to load a non-public route after loading a public route. To recreate the issue, load the /login route and then change the URL in the address bar and go to /home. The /home route will load because this.parentRouter.lastNavigationAttempt will return /login, which IS a public route.

Calling instance.urlPath will return the route that is currently being navigated to and will redirect accordingly if the route is not in publicRoutes.

[ojacquemart]

:+1:, I noticed the same issue.