lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2026-02-09 09:16:41 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

remove cast from dynamic to object for medium trust

Browse Source
This commit is contained in:
Erik Oppedijk
2013-08-31 15:15:10 +02:00
parent 26c45498df
commit ad35f7d900
18 changed files with 86 additions and 128 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/Orchard.Web/Modules/Orchard.CustomForms/Controllers/ItemController.cs
View File

@@ -67,14 +67,13 @@ namespace Orchard.CustomForms.Controllers {
if (!Services.Authorizer.Authorize(Permissions.CreateSubmitPermission(customForm.ContentType), contentItem, T("Cannot create content")))
return new HttpUnauthorizedResult();
dynamic model = _contentManager.BuildEditor(contentItem);
var model = _contentManager.BuildEditor(contentItem);
model
.ContentItem(form)
.ReturnUrl(Url.RouteUrl(_contentManager.GetItemMetadata(form).DisplayRouteValues));
// Casting to avoid invalid (under medium trust) reflection over the protected View method and force a static invocation.
return View((object)model);
return View(model);
}
[HttpPost, ActionName("Create")]
@@ -122,7 +121,7 @@ namespace Orchard.CustomForms.Controllers {
_contentManager.Create(contentItem, VersionOptions.Draft);
dynamic model = _contentManager.UpdateEditor(contentItem, this);
var model = _contentManager.UpdateEditor(contentItem, this);
if (!ModelState.IsValid) {
_transactionManager.Cancel();