1

I find the routes engine extremely useful in CakePHP, and the documentation outlines how to 'disable the default routes', referring to the two that are present on a vanilla installation (one for the home page display, another for any other page display under the /pages path).

Disabling these does not appear to disable other routes though. For example, a Post model is still accessible via /posts, /posts/view/1, etc, whereas I was hoping to hide all these default views from public, only allowing specific content to display in the routes of my choosing.

Could search engines index two pages for the same content if my configuration remained with default routes turned on? If not, I still don't really like the idea of the public figuring out the core route for a page and being able to access it through a non-public, yet still accessible, URL.

4

2 回答 2

3

If I understand correctly, remove the require from APP/routes.php (Cake 2.x only)

/**
 * Load the CakePHP default routes. Remove this if you do not want to use
 * the built-in default routes.
 */
    //require CAKE . 'Config' . DS . 'routes.php';

to disable the default routes, assuming you have fully customised all of your other routes.

于 2012-09-05T08:10:43.723 回答
0

The best, most appropriate and robust solution to ensuring that search engines and users don't view content that you don't want them to view is to block access to those controllers and actions you want protected.

If you don't want /posts/view to be accessed, then make the method private, or remove the method. If you want it accessible only to certain users, then you need to check for authorization and authentication prior to the action (maybe in a beforeFilter).

于 2012-09-05T00:19:41.153 回答