How can set the base path of ASP.NET Core app whilst disabling access from the root path?

Question

I know I can set the base path of my service using app.UsePathBase("/AppPath"); so that my API is available from http://example.com/AppPath/controller1 but if I do this my API is also available from the root path http://example.com/controller1. How do I disable access from the root path?

I also tried to use a route like this app.UseMvc(routes => routes.MapRoute("default", "IRate/{controller}/{action}/{id?}")); but it has the same problem.

The reason I want to do this is because when it is deployed in production it will be deployed under an Application prefix (not as the root app) and when I am running the API on local host during debugging I want to simulate the production condictions.

Answer 1

That's by design according to this Github issue.

UsePathBase is primarily about getting those segments out of your way because they're a deployment detail, and if they stayed it would mess up your routing.

Consider the alternative. If it were to disable the root path, how would it do so? A 404 isn't really appropriate, presumably that path is available on a separate instance of your site hosting the root. You could use Map as shown above if you really wanted the 404.

If you want to return a 404 when the root is accessed, you can use a nested mapping, which is described in that issue :

In which case, you probably want something closer to this, with a nested MapMiddleware :

public void Configure(IApplicationBuilder app)
{
    app.Map("/basepath", mainapp =>
    {
        mainapp.Map("/ping", map => map.Run(async
            ctx => await ctx.Response.WriteAsync("pong")));

        mainapp.UseMvc();
    });
}

This way you specify mappings, routes, etc only for requests that come under /basepath. Everything else is discarded and returns a 404.

You'll have to remember to call mainapp instead of app for all configuration calls. Otherwise you may end up with script and css URLs that point to the root instead of the custom base path. You can avoid this by extracting the configuration code from Configure(app,env) into a separate method, eg:

    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        app.Map("/AppPath", mainapp =>
        {
            mappedConfigure(mainapp,env);
        });
    }

    private void mappedConfigure(IApplicationBuilder app,IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
            // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseCookiePolicy();

        app.UseMvc(routes =>
        {
            routes.MapRoute(
                name: "default",
                template: "{controller=Home}/{action=Index}/{id?}");
        });
    }