Unknown page does not require authentication

Hello Radzen Team!

It seems that unknown pages does not require authentication, and this allows unauthorized users to see and click on the sidebar menu, header and footer of my app.


I will add App.razor to the ignore list and change it my way, but could this be fixed in future versions?

We have taken this from the default Blazor application template when individual security is enabled (e.g. via running dotnet new blazorserver --auth Individual). Here is how it looks like:

<CascadingAuthenticationState>
    <Router AppAssembly="@typeof(Program).Assembly">
        <Found Context="routeData">
            <AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)" />
        </Found>
        <NotFound>
            <LayoutView Layout="@typeof(MainLayout)">
                <p>Sorry, there's nothing at this address.</p>
            </LayoutView>
        </NotFound>
    </Router>
</CascadingAuthenticationState>

Still it is safe to use the ignore list and update App.razor as you desire.

1 Like