- ABP Framework version: v5.5.2
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): no
- Exception message and stack trace:
- Steps to reproduce the issue:"
We are using angular for presentation, not Mvc. Our security scanner is reporting some Mvc pages under Manage to have security issues. We think we can route to these pages because of the call to this method:
- app.UseConfiguredEndpoints();
is there a way we can remove routing to the Manage pages? When we remove the line above, the site is broken. We think the routing to our webapi is also being preformed by the method
3 risposte
-
0
We are using angular for presentation, not Mvc. Our security scanner is reporting some Mvc pages under Manage to have security issues. We think we can route to these pages because of the call to this method:
If you share your security reports, we can help better.
is there a way we can remove routing to the Manage pages? When we remove the line above, the site is broken. We think the routing to our webapi is also being preformed by the method
The account module is managed by IdentityServer and it is hosted by the backend application. That's why you are redirected back to the backend for account-related operations.
-
0
We r looking into some options that will enable u to see the security issues. Not sure when it will be ready and this weekend is a holiday weekend for us.
We have created a new 5.3 project, almost out of the box (we added a spa redirect to it). The security scan is running now. if u r still interested in the security scan, please send me an email of where I can send the info
-
0
thanks @paul.harriman
