diff --git a/src/Umbraco.Web/Editors/BackOfficeController.cs b/src/Umbraco.Web/Editors/BackOfficeController.cs
index fd299e2abf..3d24d81d09 100644
--- a/src/Umbraco.Web/Editors/BackOfficeController.cs
+++ b/src/Umbraco.Web/Editors/BackOfficeController.cs
@@ -26,7 +26,6 @@ namespace Umbraco.Web.Editors
///
public class BackOfficeController : UmbracoController
{
-
///
/// Render the default view
///
@@ -199,8 +198,7 @@ namespace Umbraco.Web.Editors
return JavaScript(ServerVariablesParser.Parse(d));
}
-
-
+
private Dictionary GetApplicationState()
{
if (ApplicationContext.IsConfigured == false)
@@ -220,7 +218,6 @@ namespace Umbraco.Web.Editors
return app;
}
-
private IEnumerable> GetTreePluginsMetaData()
{
var treeTypes = PluginManager.Current.ResolveAttributedTreeControllers();
diff --git a/src/Umbraco.Web/Mvc/BackOfficeArea.cs b/src/Umbraco.Web/Mvc/BackOfficeArea.cs
index 33d0629161..1b861128c1 100644
--- a/src/Umbraco.Web/Mvc/BackOfficeArea.cs
+++ b/src/Umbraco.Web/Mvc/BackOfficeArea.cs
@@ -1,4 +1,6 @@
-using System.Web.Mvc;
+using System.Web;
+using System.Web.Mvc;
+using System.Web.Routing;
using Umbraco.Core.Configuration;
using Umbraco.Web.Editors;
using Umbraco.Web.Install;
@@ -25,6 +27,13 @@ namespace Umbraco.Web.Mvc
"Umbraco_back_office",
GlobalSettings.UmbracoMvcArea + "/{action}/{id}",
new {controller = "BackOffice", action = "Default", id = UrlParameter.Optional},
+ //limit the action/id to only allow characters - this is so this route doesn't hog all other
+ // routes like: /umbraco/channels/word.aspx, etc...
+ new
+ {
+ action = @"[a-zA-Z]*",
+ id = @"[a-zA-Z]*"
+ },
new[] {typeof (BackOfficeController).Namespace});
//Create the install routes