'Prevent direct access to controller method
I'm new to web developemnt and I was wondering if it's possible to prevent to access directly to a method of the controller.
Let's say I have this method :
public ActionResult Delete(int id)
{
//do some stuff here
}
Basically I can access it via siteaddress/controllerName/Delete?id=1 from browser, postman or whatever...
Is there a way to make this method a kind of "private" method, only accessible from the application ?
I'm using form identification (Identity). I also know I can use custom attribute to deny direct access but I don't want a redirection. Maybe "antiforgerytoken" is the solution but I'm not sure...
Solution 1:[1]
Maybe NonActionAttribute ?
[NonAction]
public void Delete(int id)
{
//do some stuff here
}
This will make the method non-accessible via HTTP, but available for C# code. If that's what you want.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Alex from Jitbit |