0
samara081 created
We have MVC with .Net Core 6. Aspnet zero 11.4
Our security team raised security issue that AbpServiceProxies/GetAll for dynamic APIs is exposed for public. and we have to make secured just for authenticated users. Is there any way to make it secured without affecting the system
Thanks
1 Answer(s)
-
0
Hi @samara081
Unfortunately securing this endpoint will cause some problems. Output of this endpoint is used by not authorized pages. If you still want to do this, you can create a copy of https://github.com/aspnetboilerplate/aspnetboilerplate/blob/dev/src/Abp.AspNetCore/AspNetCore/Mvc/Proxying/AbpServiceProxiesController.cs and prevent access to existing AbpServiceProxies controller by writing a custom middleware.
Have an answer to this question?
Log in
and write your answer.