1

I've got a web API using ASP.NET MVC in the final stages before deployment. I had created 2 pages that were linked to in the _Layout.cshtml such as:

@Html.ActionLink("API", "Index", "Help", new { area = "" }, null)

These two added pages were used for development to edit an entity DB. I do not want these pages to be accessible in the deployed version for anyone to mess with.

I've hid the two pages along with the help documentation from the home menu by commenting out the respective lines shown above. However a direct link to the page still works. Is there any easy way to turn these pages off, or return a bad request if someone attempts to go to them, without deleting the code entirely? They will definitely be useful at some later time, I'd just prefer a way to temporarily enable/disable them besides just simply hiding the links.

ErikEJ
  • 40,951
  • 5
  • 75
  • 115
JakeD
  • 407
  • 2
  • 7
  • 19

2 Answers2

1

You can use compiler directives for this purpose. If you compile your code in Release mode, just surround code which shouldn't be deployed like this:

#if DEBUG  
    //Code which shouldn't be deployed  
#endif

If you need in at the Razor view, try most voted answers from there.

Community
  • 1
  • 1
ivamax9
  • 2,601
  • 24
  • 33
1

Depending on your app

  • IF the Web Api Help is in an Area and is the only Area in your app, you could "disable" AreaRegistration (in combination with the previous answer on directives)

    in either global.asax or /App_Start/RouteConfig.cs

    //Only register all app Areas in DEBUG
#if DEBUG
    AreaRegistration.RegisterAllAreas();
#endif

    You'll likely have to gracefully handle the error (http 500)

  • Otherwise, you could also create a Filter and apply it to the (Area) Controller(s) as needed. This way you can selectively apply it to any controller (and not have to disable Areas registration).

    This is a trivial example so improve/adjust as necessary:

    Filter:

    using System.Net;
using System.Web.Mvc;

public class PrivatizeFilter : ActionFilterAttribute
{
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        //This trivial example redirects to home page/root of app
        filterContext.HttpContext.Response.Headers.Add("Location", "/");
        filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Moved);
    }
}

    Decorate the Controller with the above filter (remove if/when no longer needed):

    [PrivatizeFilter]
public class HelpController : Controller
{
   ......

Hth

EdSF
  • 11,753
  • 6
  • 42
  • 83