From 62ad99d0b6ec150f06736e8ba619f7d280f6143c Mon Sep 17 00:00:00 2001 From: sbwalker Date: Mon, 10 Jul 2023 14:51:32 -0400 Subject: [PATCH] prevent logging of error for personalized pages --- Oqtane.Server/Controllers/FileController.cs | 3 +-- Oqtane.Server/Controllers/PageController.cs | 11 +++++++---- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/Oqtane.Server/Controllers/FileController.cs b/Oqtane.Server/Controllers/FileController.cs index 62b018e5..da865df8 100644 --- a/Oqtane.Server/Controllers/FileController.cs +++ b/Oqtane.Server/Controllers/FileController.cs @@ -143,9 +143,8 @@ namespace Oqtane.Controllers { _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized File Get Attempt {Name} For Folder {FolderId}", name, folderId); HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden; - file = null; } - return file; + return null; } } diff --git a/Oqtane.Server/Controllers/PageController.cs b/Oqtane.Server/Controllers/PageController.cs index 0e115c58..e6adba2f 100644 --- a/Oqtane.Server/Controllers/PageController.cs +++ b/Oqtane.Server/Controllers/PageController.cs @@ -106,8 +106,11 @@ namespace Oqtane.Controllers } else { - _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Page Get Attempt {SiteId} {Path}", siteid, path); - HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden; + if (page != null) + { + _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Page Get Attempt {SiteId} {Path}", siteid, path); + HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden; + } return null; } } @@ -177,8 +180,8 @@ namespace Oqtane.Controllers page = new Page(); page.SiteId = parent.SiteId; page.ParentId = parent.PageId; - page.Name = user.DisplayName != null ? user.DisplayName : user.Username; - page.Path = parent.Path + "/" + Utilities.GetFriendlyUrl(page.Name); + page.Name = user.Username; + page.Path = parent.Path + "/" + page.Name; page.Title = page.Name + " - " + parent.Name; page.Order = 0; page.IsNavigation = false;