Vulnerability in EPiServer.Forms

Try our conversational search powered by Generative AI!

Per Nergård
Apr 2, 2019
  2997
(6 votes)

AllowedTypes for LinkItem collection

The other day I heard a discussion about a possible requirement for only allowing specific pages in a LinkItem collection.  My first thought was to use a ContentArea property in combination with the AllowedTypes attribute but for some reason the possiblity to have external links was needed.

I googled a bit but I only found a post where a custom validation class handled validation of max number of items in a LinkItemCollection, you can read Allan Thraens blog post here.

It seemed like a clean and simple approach so I decided to do a variant that is similiar to AllowedTypes for ContentArea and ContentReference properties.

My solution is a simple validation attribute that takes an array of types that should be allowed to add to a LinkItemCollection property. The attribute ignores linkitems that are not Episerver content.If an Epierver content (page,image) is added to the LinkItemCollection and the underlying type is not inte the allowed types array a error message is displayed and publishing of the page is blocked.

You can find the coder over at my gist.

Apr 02, 2019

Comments

Praful Jangid
Praful Jangid Apr 3, 2019 02:46 PM

Good one, I was thinking to implement this requirement. :) 

One of my team mate had this requirement.

Thanks for simplifying that for us.

Per Nergård
Per Nergård Apr 13, 2019 12:47 PM

Thanks! Glad it could be of use.

John Ligtenberg
John Ligtenberg Sep 18, 2020 05:15 PM

Very useful. I changed the code to support inherited types, see my gist.

Please login to comment.
Latest blogs
Maximize performance by uploading your external data to Optimizely Graph

Learn to integrate external data into Optimizely Graph for improved performance, covering data preparation, synchronization, and effective querying.

Surjit Bharath | Dec 6, 2023 | Syndicated blog

Google Read Aloud Reload Problems

Inclusive web experiences greatly benefit from accessibility features such as Google Read Aloud. This tool, which converts text into speech, enable...

Luc Gosso (MVP) | Dec 4, 2023 | Syndicated blog

Google Read Aloud Reload Problems

Inclusive web experiences greatly benefit from accessibility features such as Google Read Aloud. This tool, which converts text into speech, enable...

Luc Gosso (MVP) | Dec 4, 2023 | Syndicated blog

Import Blobs and Databases to Integration Environments

In this blog, we are going to explore some new extensions to the Deployment API in DXP Cloud Services, specifically the ability to import databases...

Elias Lundmark | Dec 4, 2023

Setup new/existing website in DXP integration

EPiCloud v1.3 has been released! You can now upload blobs and database to DXP!

Ove Lartelius | Dec 4, 2023 | Syndicated blog

Join the Work Smarter Webinar: Working with the Power of Configured Commerce (B2B) Customer Segmentation December 7th

Join this webinar and learn about customer segmentation – how to best utilize it, how to use personalization to differentiate segmentation and how...

Karen McDougall | Dec 1, 2023