We are trying to use custom routes in an ASP.NET MVC application to generate this url: 'http://example.com/Person/unnecessaryinfo-42'
. The "unnecessaryinfo" is the name of the id which will make the URL hackable for the user. Below is the code for our route map. This works but my controller action ends up with "unnecesaryinfo-42" in the id parameter. Can I strip the "unnecessaryinfo-" before it reaches the controller action?
routes.MapRoute("person_id", "person/{id}",
new { controller = "Customer", action = "Details" },
new { id = @"unnecessaryinfo-\d" });
Edit:
Here's our latest code:
routes.MapRoute("person_id", "person/{unnecessaryinfo}-{id}",
new { controller = "Customer", action = "Details" },
new { id = @"[\d]{1,6}" });
The chapter on Routing from ASP.NET MVC 2 In Action (page 234) discusses avoiding the use of database IDs whenever possible but if you must use them, adding additional information to make the URL readable. This is what we're trying (unsuccessfully) to do. The database id currently ranges from 1 to 6 digits (and may grow over time).
Your back and forth on Darin's answer makes me believe that you probably have another route which is being matched and used instead of this route:
routes.MapRoute("person_id", "person/{unnecessaryinfo}-{id}",
new { controller = "Customer", action = "Details" },
new { id = @"[\d]{1,6}" });
Switching the order in which the routes are added to the RouteCollection
should fix the problem. More specific routes should be the first added to the collection. For instance if you also have this route:
routes.MapRoute("person_login", "person/{id}",
new { controller = "Customer", action = "Details" });
It should appear after your more specific "person_id" route so your code would look like this:
routes.MapRoute("person_id", "person/{unnecessaryinfo}-{id}",
new { controller = "Customer", action = "Details" },
new { id = @"[\d]{1,6}" });
routes.MapRoute("person_login", "person/{id}",
new { controller = "Customer", action = "Details" });
The URL your provided 'http://example.com/Person/unnecessaryinfo-42'
will match to both routes, but since your more specific route appears first that's the route that will be used. When a less specific URL is mapped it won't match the first and therefore the second route will be used.
That said determining what routes a URL matches can be a bit tricky. Thankfully, there are two pretty good options that assist with route debugging:
Stephen's solution is probably the best for longterm use, but Phil's is definitely the easier to implement for down and dirty debugging. I'd start with reordering your routes, but if that doesn't solve the issue use one of the aforementioned debuggers.
routes.MapRoute(
"person_id",
"person/{unnecessaryinfo}-{id}",
new { controller = "Customer", action = "Details" },
new { id = @"\d" }
);
You might also add some regex constraint in the unnecessaryinfo
route token.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With