gpt4 book ai didi

asp.net - 从客户端检测到潜在的危险Request.Form值(textboxError ="
转载 作者:行者123 更新时间:2023-12-04 05:07:32 29 4
gpt4 key购买 nike

我正在使用ozeki ng短信网关。我无法将任何短信发送到任何手机。请帮助我通过网络发送短信到手机

从客户端检测到一个潜在危险的Request.Form值(textboxError =“。设置此值之后,您可以通过在Page指令或配置部分中设置validateRequest =” false“来禁用请求验证。)建议您的应用在这种情况下显式检查所有输入。有关更多信息,请参见http://go.microsoft.com/fwlink/?LinkId=153133

异常详细信息:System.Web.HttpRequestValidationException:从客户端检测到潜在危险的Request.Form值(textboxError =“

和我的cs文件是

using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Net;
using System.Text.RegularExpressions;

public partial class _Default : System.Web.UI.Page
{


protected void Page_Load(object sender, EventArgs e)
{
textboxRecipient.Width = 400;
textboxMessage.Width = 450;
textboxMessage.Rows = 10;
textboxError.Width = 400;
textboxError.Rows = 5;

textboxError.ForeColor = System.Drawing.Color.Red;
textboxError.Visible = false;
textboxError.Text = "";

if (!Page.IsPostBack)
{
textboxRecipient.Text = "+441234567";
textboxMessage.Text = "Hello World!";
}
}

protected void buttonSendOnClick(object sender, EventArgs e)
{
//are required fields filled in:
if (textboxRecipient.Text == "")
{
textboxError.Text += "Recipient(s) field must not be empty!\n";
textboxError.Visible = true;
return;
}

//we creating the necessary URL string:
string ozSURL = "http://127.0.0.1"; //where Ozeki NG SMS Gateway is running
string ozSPort = "9501"; //port number where Ozeki NG SMS Gateway is listening
string ozUser = HttpUtility.UrlEncode("admin"); //username for successful login
string ozPassw = HttpUtility.UrlEncode("admin"); //user's password
string ozMessageType = "SMS:TEXT"; //type of message
string ozRecipients = HttpUtility.UrlEncode(textboxRecipient.Text); //who will get the message
string ozMessageData = HttpUtility.UrlEncode(textboxMessage.Text); //body of message

string createdURL = ozSURL + ":" + ozSPort + "/httpapi" +
"?action=sendMessage" +
"&username=" + ozUser +
"&password=" + ozPassw +
"&messageType=" + ozMessageType +
"&recipient=" + ozRecipients +
"&messageData=" + ozMessageData;

try
{
//Create the request and send data to Ozeki NG SMS Gateway Server by HTTP connection
HttpWebRequest myReq = (HttpWebRequest)WebRequest.Create(createdURL);

//Get response from Ozeki NG SMS Gateway Server and read the answer
HttpWebResponse myResp = (HttpWebResponse)myReq.GetResponse();
System.IO.StreamReader respStreamReader = new System.IO.StreamReader(myResp.GetResponseStream());
string responseString = respStreamReader.ReadToEnd();
respStreamReader.Close();
myResp.Close();

//inform the user
textboxError.Text = responseString;
textboxError.Visible = true;
}
catch (Exception)
{
//if sending request or getting response is not successful Ozeki NG SMS Gateway Server may do not run
textboxError.Text = "Ozeki NG SMS Gateway Server is not running!";
textboxError.Visible = true;
}

}
}

我的asp页面是
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Ozeki NG SMS Gateway Message Sending Example</title>
</head>
<body>
<center>
<form id="smsdata" runat="server">
<asp:Table id="smstable" runat="server" style="text-align:left; border-width:thin; border-color:Silver;" BorderStyle="Solid">
<asp:TableRow>
<asp:TableCell ColumnSpan="2">
<b>Compose a message:</b>
<br />
<br />
</asp:TableCell>
</asp:TableRow>
<asp:TableRow>
<asp:TableCell HorizontalAlign="Left" VerticalAlign="Top">
<asp:Label ID="labelRecipient" runat="server" Text="Recipient: "></asp:Label>
</asp:TableCell>
<asp:TableCell>
<asp:TextBox ID="textboxRecipient" runat="server"></asp:TextBox>
</asp:TableCell>
</asp:TableRow>
<asp:TableRow>
<asp:TableCell HorizontalAlign="Left" VerticalAlign="Top">
<asp:Label ID="labelMessage" runat="server" Text="Message Text: "></asp:Label>
</asp:TableCell>
<asp:TableCell>
<asp:TextBox ID="textboxMessage" runat="server" TextMode="MultiLine"></asp:TextBox>
</asp:TableCell>
</asp:TableRow>
<asp:TableRow>
<asp:TableCell ColumnSpan="2" HorizontalAlign="Center">
<asp:Button ID="buttonSend" runat="server" Text="Send Message" OnClick="buttonSendOnClick" />
</asp:TableCell>
</asp:TableRow>
<asp:TableRow>
<asp:TableCell ColumnSpan="2" HorizontalAlign="Center">
<asp:TextBox ID="textboxError" runat="server" BorderStyle="None" TextMode="MultiLine"></asp:TextBox>
</asp:TableCell>
</asp:TableRow>
</asp:Table>
</form>
</center>
</body>
</html>

最佳答案

您的问题是,其中一个字段(textboxError)的值包含XML或HTML样式的标记,默认情况下不允许使用这些标记,以避免开发人员在其应用程序中引入潜在的安全问题。

错误消息中给出了解决方案。您需要在顶部的@Page指令(在示例中省略)或web.config中添加validateRequest="false"

请注意,如果您使用的是.net 4,则需要通过稍微更改web.config并添加以下内容,从2.0退回到验证模式。

<system.web>
<httpRuntime requestValidationMode="2.0" />
</system.web>

有关requestValidationMode的更多信息,请参见 this MSDN article on requestValidationMode

关于asp.net - 从客户端检测到潜在的危险Request.Form值(textboxError ="<Responses><Response..."),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/17591429/

29 4 0