gpt4 book ai didi

asp.net-mvc - RequireSSL 在带有 Querystring 的 Url 上失败

转载 作者:太空宇宙 更新时间:2023-11-03 13:19:33 25 4
gpt4 key购买 nike

我使用这段取自 MVC futures 的代码,并将 Attribute RequireSsl 附加到一个操作。它适用于简单的 Url,如 http://localhost/de/Account/Login ,但是如果我有一个查询字符串,问号会被 url 编码并且请求失败。

http://localhost/de/Account/Login?test=omg重定向到 https://localhost/de/Account/Login%3Ftest=omg .有人让这个工作吗?

 [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public sealed class RequireSslAttribute : FilterAttribute, IAuthorizationFilter
{
public RequireSslAttribute()
{
Redirect = true;
}

public bool Redirect { get; set; }

public void OnAuthorization(AuthorizationContext filterContext)
{
//Validate.IsNotNull(filterContext, "filterContext");

if (!Configuration.EnableSSL) return;

if (!filterContext.HttpContext.Request.IsSecureConnection)
{
// request is not SSL-protected, so throw or redirect
if (Redirect)
{
// form new URL
UriBuilder builder = new UriBuilder
{
Scheme = "https",
Host = filterContext.HttpContext.Request.Url.Host,
// use the RawUrl since it works with URL Rewriting
Path = filterContext.HttpContext.Request.RawUrl
};
filterContext.Result = new RedirectResult(builder.ToString());
}
else
{
throw new HttpException((int)HttpStatusCode.Forbidden, "Access forbidden. The requested resource requires an SSL connection.");
}
}
}


}

最佳答案

我改变了

 UriBuilder builder = new UriBuilder
{
Scheme = "https",
Host = filterContext.HttpContext.Request.Url.Host,
// use the RawUrl since it works with URL Rewriting
Path = filterContext.HttpContext.Request.RawUrl
};

                    UriBuilder builder = new UriBuilder
{
Scheme = "https",
Host = filterContext.HttpContext.Request.Url.Host,
Path = filterContext.HttpContext.Request.Url.LocalPath,
Query = filterContext.HttpContext.Request.Url.PathAndQuery

};

我现在不使用 Url Rewriting,所以我认为这对我来说是安全的。

关于asp.net-mvc - RequireSSL 在带有 Querystring 的 Url 上失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/1654320/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com