0

I use the latest MVC, with attribute routing.

When a user submits a contact form, it then redirects to a "thank you for submitting your info" view, with route foo.com/success.

How can I configure it so that my code can redirect to that success action as usual, but the user cannot navigate to it directly?

h bob
  • 3,610
  • 3
  • 35
  • 51

2 Answers2

1

if you do not have a link in page, user won't access it directly.
Otherwise if user cannot access it, you cannot access it via code neither. 

[HttpGet]
public ActionResult MyAction(){
   //...
   return RedirectToAction("Success");
}

[HttpGet]
public ActionResult Success(){
   ViewBag.Result = "thank you for submitting your info";
   return View();
}
asdf_enel_hak
  • 7,474
  • 5
  • 42
  • 84
  • "if user cannot access it, you cannot access it via code neither" - yes this is what I was afraid of... Not really what I wanted to do, but I guess the answer is, "it cannot be done". So your answer is the closest to what I need. – h bob Oct 08 '14 at 13:49
1

If you want prevent user to access action with url your action mustn't has [HttpGet] Or you must set AuthorizeAttribute on your action.for this use ajax request to call your action and send your success message to client with Json

    //Client Side
$.ajax({
    type: "POST",
    url: 'Action URL',
    contentType: "application/json; charset=utf-8",
    data: {id :1},
    dataType: "json",
    success: function(result) {
    alert(result.message);        
    }
    });


[HttpPost]
public ActionResult MyAction(string id){
   return Json(new {message="Your Message"});
}
M.Azad
  • 3,673
  • 8
  • 47
  • 77