Restore favicon, previously was served up automatically by browser but now we want to link it explicitly. also brought back the security features for accessing static files.

2025-01-08 12:38:27 -07:00
parent f48e7cd0d4
commit f2f55f8118
2 changed files with 30 additions and 9 deletions
--- a/Program.cs
+++ b/Program.cs
@@ -106,11 +106,15 @@ var app = builder.Build();
 // Configure the HTTP request pipeline.
 app.UseExceptionHandler("/Home/Error");

+app.UseStaticFiles();
 app.UseStaticFiles(new StaticFileOptions
 {
+    FileProvider = new PhysicalFileProvider(
+           Path.Combine(builder.Environment.ContentRootPath, "data", "images")),
+    RequestPath = "/images",
    OnPrepareResponse = ctx =>
    {
-        if (ctx.Context.Request.Path.StartsWithSegments("/images") || ctx.Context.Request.Path.StartsWithSegments("/documents"))
+        if (ctx.Context.Request.Path.StartsWithSegments("/images"))
        {
            ctx.Context.Response.Headers.Add("Cache-Control", "no-store");
            if (!ctx.Context.User.Identity.IsAuthenticated)
@@ -121,16 +125,21 @@ app.UseStaticFiles(new StaticFileOptions
    }
 });
 app.UseStaticFiles(new StaticFileOptions
-{
-    FileProvider = new PhysicalFileProvider(
-           Path.Combine(builder.Environment.ContentRootPath, "data", "images")),
-    RequestPath = "/images"
-});
-app.UseStaticFiles(new StaticFileOptions
 {
    FileProvider = new PhysicalFileProvider(
           Path.Combine(builder.Environment.ContentRootPath, "data", "documents")),
-    RequestPath = "/documents"
+    RequestPath = "/documents",
+    OnPrepareResponse = ctx =>
+    {
+        if (ctx.Context.Request.Path.StartsWithSegments("/documents"))
+        {
+            ctx.Context.Response.Headers.Add("Cache-Control", "no-store");
+            if (!ctx.Context.User.Identity.IsAuthenticated)
+            {
+                ctx.Context.Response.Redirect("/Login");
+            }
+        }
+    }
 });
 app.UseStaticFiles(new StaticFileOptions
 {
@@ -142,7 +151,18 @@ app.UseStaticFiles(new StaticFileOptions
 {
    FileProvider = new PhysicalFileProvider(
           Path.Combine(builder.Environment.ContentRootPath, "data", "temp")),
-    RequestPath = "/temp"
+    RequestPath = "/temp",
+    OnPrepareResponse = ctx =>
+    {
+        if (ctx.Context.Request.Path.StartsWithSegments("/temp"))
+        {
+            ctx.Context.Response.Headers.Add("Cache-Control", "no-store");
+            if (!ctx.Context.User.Identity.IsAuthenticated)
+            {
+                ctx.Context.Response.Redirect("/Login");
+            }
+        }
+    }
 });

 app.UseRouting();