This repository was archived by the owner on Dec 13, 2018. It is now read-only.
This repository was archived by the owner on Dec 13, 2018. It is now read-only.
The values of Roles property in AuthorizeAttribute aren't trimmed #627
Closed
Description
Hi.
Actually in the asp.net 5 (1.0.0-rc1-final) the values of the Roles property in Authorize attribute aren't trimmed before using it.
This lead to the situation where if for any reason you have this code:
[Authorize(Roles="user, admin")]
public class MyController : Controller
{
}Users with the admin role will never be authorized because the role name will be evaluated to " admin" and not "admin".
I can work on a patch and submit it if you want.
Regards