Vulnerability in EPiServer.Forms
I have created (or attempted to create) an add-in, which consists of a DLL and a couple of views. Everything seems to be working fine, but after installation only the DLL is placed in /modulesbin (and not in /modulesbin/PackageName/, which the documentation seems to suggest it wouldl). I.e I believe my problem is two-fold: 1) Only my assembly is installed, and not the views, and 2) the add-on is installed directly into /modulesbin, and not a subfolder.Does anyone know what I'm doing wrong?
This is the nuspec:
<?xml version="1.0"?><package> <metadata> <id>Initech.EPiServer.EventCalendar</id> <version>1.0.0-Alpha</version> <title>Event Calendar</title> <authors>Initech</authors> <owners>Initech</owners> <requireLicenseAcceptance>false</requireLicenseAcceptance> <description>Page types and renderers for something.</description> <releaseNotes>Alpha release.</releaseNotes> <copyright>Copyright 2014</copyright> <tags>EPiServerPublicModulePackage</tags> <dependencies> <dependency id="EPiServer" version="[7.5, 8)" /> </dependencies> </metadata> <files> <file src="..\Initech.EPiServer.AddOn\bin\Initech.EPiServer.AddOn.dll" target="lib\net40" /> <file src="..\Initech.EPiServer.AddOn\Views\**\*.*" target="content\Views" /> </files></package>
I guess your add-on assembly is deployed in modulesbin folder and add-on content files are copied in modules\Initech.EPiServer.EventCalendar subfolder within your site root.
modulesbin is a folder where add-on assemblies are deployed, which are included in add-on packages in lib folder.
Other things like views, scripts and styles should be included in content folder of your add-on package.
If add-on nuspec file contains EPiServerPublicModulePackage tag, the add-on is considered as public add-on and content resources are deployed to public_modules\addonID folder, where public_modules is by default modules subfolder within your site root (can be configured in web.config) and add-onID is the value that you specify in id field in add-on nuspec file.
Add-on is considered as protected if tags contain EPiServerModulePackage value. Content files are deployed to protected_modules\addonID directory, where protected_modules is by default your appdata\modules folder. The path to protected modules also can be configured in web.config.
You can find more information here: