From d26d4aad435186c9ac16eb1e492f34aed709e1b3 Mon Sep 17 00:00:00 2001
From: Rick Anderson <3605364+Rick-Anderson@users.noreply.github.com>
Date: Thu, 25 Jun 2020 15:15:08 -1000
Subject: [PATCH] Use dedicated controllers for mixed attributes (#18879)

* Use dedicated controllers for mixed attributes

* Update aspnetcore/security/authorization/simple.md

Co-authored-by: Pranav K <prkrishn@hotmail.com>

Co-authored-by: Pranav K <prkrishn@hotmail.com>
---
 aspnetcore/security/authorization/simple.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/aspnetcore/security/authorization/simple.md b/aspnetcore/security/authorization/simple.md
index 220a0e3615..6abb5acdf6 100644
--- a/aspnetcore/security/authorization/simple.md
+++ b/aspnetcore/security/authorization/simple.md
@@ -73,7 +73,7 @@ This would allow only authenticated users to the `AccountController`, except for
 
 ## Authorize attribute and Razor Pages
 
-The <xref:Microsoft.AspNetCore.Authorization.AuthorizeAttribute> can ***not*** be applied to Razor Page handlers. For example, `[Authorize]` can't be applied to `OnGet`, `OnPost`, or any other page handler.
+The <xref:Microsoft.AspNetCore.Authorization.AuthorizeAttribute> can ***not*** be applied to Razor Page handlers. For example, `[Authorize]` can't be applied to `OnGet`, `OnPost`, or any other page handler. Consider using an ASP.NET Core MVC controller for pages with different authorization requirements for different handlers.
 
 The following two approaches can be used to apply authorization to Razor Page handler methods: