A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More.
Can you elaborate ? With "Authenticated" pages what do you want to do and what is the current behavior?
Pages that are visible to "Restricted". Pages that don't contain "EveryOne" ->
We are not getting any error. The redirect is just not working. It still try to access the URL (old) and not the redirect one
A shot in the dark but it could be that NotFoundHandlerMiddleware is registered after whatever middleware that handles the access right redirect. You might want to add UseNotFoundHandler as early as possible
Its already called before Authentication. ->
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
// Use custom exceptions pages when in Release mode.
xxxxxxx
}
if (!string.IsNullOrEmpty(xxx))
{
app.UseMiddleware<xxx>(_configuration.xxx);
}
app.UseNotFoundHandler();
app.UseOptimizelyNotFoundHandler();
// Add the image processing middleware.
app.UseBaaijteOptimizelyImageSharp();
app.UseHsts();
app.UseMiddleware<xx>();
app.UseWebOptimizer();
app.UseContentTypeIcons();
app.UseAllElasticApm(_configuration);
app.UseStaticFiles();
app.xxx();
app.UseRouting();
app.Map(new PathString("xxx"), map =>
{
xxx
});
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapDefaultControllerRoute();
endpoints.MapRazorPages();
endpoints.MapContent();
});
}
Hi,
We are using Geta NotFound handler to make use of custom redirects. Redirects works fine for the pages that are visible to everyone., but not for the pages where virtual role "Authenticated" is set for restricting visibility.
Any input would be appreciated.