Vulnerability in EPiServer.Forms
We have a EPiServer page structure, with several levels deep. When a page is displayed, the URL in the browser web address box is along the lines of http://<server>/en/securepages/MyPage/. We want the url visible to the user to be, in the example above, http://<server>/MyPage/.
Can we 'hide' parts of the page tree structure in the URL without actually flattening it? The 'pages' we want to hide in the URL themselves have no purpose other than being containers.
Any suggestions would be most appreciated.
This is possible by setting the "Simple Address for this page" value in the settings tab. This allows you to specify short URLs for your pages.
We had looked at that option, but we were hoping to achieve this through code, without 'Simple Address for this Page' being used or at least not the responsiblility for the CMS editor who may be creating new pages.
One option could be to set up event handlers for Url rewriting events exposed by EPiServer.Web.UrlRewriteProvider. In your case you would need to have event handlers both for incoming and outcoming URLs.