Vulnerability in EPiServer.Forms
We have multiple domains for each language e.g.
Say I have an article for dog in both english and german with urls
The issue that I have is that the following also works
Is it expected behavior? We are using EPiServer CMS 6.
That's expected behavior. At least what EPiServer thinks.
Would you consider or recommend overriding the behavior? We can possibly write custom URL provider but for every URL that gets hit, we would need to check if URL is correct for that domain. And that would mean loading the Page object before in the cycle while rewriting and also when finally URL reaches page handler.
I filed a bug to investigate if we can be more stricter regarding languages/sites and friendly URL:s. Might be good to know that if we do a fix, we will do this in the EPiServer 7 branch and will not be able to backport it since the friendly URL handling has been completely rewritten in EPiServer 7.
RegardsLinus EkströmEPiServer Development Team
I have the same question.
Linus, could you give me an update on what your query resulted in?
Additionally, is there maybe also a way to hide the "wrong" pages via Google Webmaster Tools?
The issue has been fixed in CMS7 development branch, it should probably be available in next maintenance drop.