Vulnerability in EPiServer.Forms

Try our conversational search powered by Generative AI!

Expired pages with pagefiles - Access error


Problem: When my customer sets a page to expired and that page has files in the pagefiles folder an access error occours:

You are not authorized to access /PageFiles/26664/file.png


IClient client = SearchClient.Instance;

FilesResult result = client.Search<UnifiedFile>()

Find not taking care of expired pages automaticly? Is there anything i could do in the search or could i somehow catch an "expired event" and remove the page/pagefiles from the index?

Jan 27, 2014 13:13

Refering to Access Rights in Find Documentation:

The search engine doesn’t implement any access rights filtering for documents (pages, files etc). If you add FilterForVisitor() to your query, you should be fine. FilterForVisitor includes ExcludeDelete, PublishedInCurrentLanguage, and FilterOnReadAccess.

Jan 27, 2014 14:21

FilterForVisitor isnt availble on GetFileResult, and .Filter(x => x.RolesWithReadAccess().Match("Everyone")) doesnt make any diffrence either if i dont set bypassAccessCheck to true on pagefiles. 

For now bypassAccessCheck set to true works, but i think there should be some way to use GetFileResult with pagefiles without having to enable bypassAccessCheck...

Jan 29, 2014 8:45

What EPiServer version is this?

Jan 29, 2014 9:36
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.