本文介绍了RequireSSL的网址失败,查询字符串的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我用这个code这是从MVC期货采取和属性RequireSsl连接到一个动作。它与简单的URL如的http://本地主机/德/帐号/登录的,但如果我有一个查询字符串的问号获得URL连接codeD,请求失败。
的http://本地主机/德/帐号/登录测试= OMG 重定向至的https://本地主机/德/帐号/登录%3Ftest = OMG 。任何人有这方面的工作?
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method,继承= TRUE,的AllowMultiple = FALSE)]公共密封类RequireSslAttribute:FilterAttribute,个IAuthorizationFilter{ 公共RequireSslAttribute() { 重定向= TRUE; } 公共BOOL重定向{搞定;组; } 公共无效OnAuthorization(AuthorizationContext filterContext) { //Validate.IsNotNull(filterContextfilterContext); 如果回报(Configuration.EnableSSL!); 如果(!filterContext.HttpContext.Request.IsSecureConnection) { //请求不是SSL保护的,所以扔或重定向 如果(重定向) { //形成新的URL UriBuilder建设者=新UriBuilder { 计划=https开头, 主机= filterContext.HttpContext.Request.Url.Host, //使用RawUrl因为它与URL重写工作 路径= filterContext.HttpContext.Request.RawUrl }; filterContext.Result =新RedirectResult(builder.ToString()); } 其他 { 抛出新的HttpException((INT)的HTTPStatus code.Forbidden,禁止访问所请求的资源要求SSL连接。); } } }}解决方案
我改变了
UriBuilder建设者=新UriBuilder { 计划=https开头, 主机= filterContext.HttpContext.Request.Url.Host, //使用RawUrl因为它与URL重写工作 路径= filterContext.HttpContext.Request.RawUrl };要
UriBuilder建设者=新UriBuilder { 计划=https开头, 主机= filterContext.HttpContext.Request.Url.Host, 路径= filterContext.HttpContext.Request.Url.LocalPath, 查询= filterContext.HttpContext.Request.Url.PathAndQuery };我不使用URL重写协作的权利,这就是为什么我想这对我来说是安全的。
I use this code which is taken from MVC futures and attach the Attribute RequireSsl to an action. It works with simple Url like localhost/de/Account/Login, but if I have a querystring, the questionmark gets url encoded and the request fails.
localhost/de/Account/Login?test=omg redirects to localhost/de/Account/Login%3Ftest=omg. Anybody got this working?
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)] public sealed class RequireSslAttribute : FilterAttribute, IAuthorizationFilter { public RequireSslAttribute() { Redirect = true; } public bool Redirect { get; set; } public void OnAuthorization(AuthorizationContext filterContext) { //Validate.IsNotNull(filterContext, "filterContext"); if (!Configuration.EnableSSL) return; if (!filterContext.HttpContext.Request.IsSecureConnection) { // request is not SSL-protected, so throw or redirect if (Redirect) { // form new URL UriBuilder builder = new UriBuilder { Scheme = "https", Host = filterContext.HttpContext.Request.Url.Host, // use the RawUrl since it works with URL Rewriting Path = filterContext.HttpContext.Request.RawUrl }; filterContext.Result = new RedirectResult(builder.ToString()); } else { throw new HttpException((int)HttpStatusCode.Forbidden, "Access forbidden. The requested resource requires an SSL connection."); } } } }解决方案
I changed
UriBuilder builder = new UriBuilder { Scheme = "https", Host = filterContext.HttpContext.Request.Url.Host, // use the RawUrl since it works with URL Rewriting Path = filterContext.HttpContext.Request.RawUrl };To
UriBuilder builder = new UriBuilder { Scheme = "https", Host = filterContext.HttpContext.Request.Url.Host, Path = filterContext.HttpContext.Request.Url.LocalPath, Query = filterContext.HttpContext.Request.Url.PathAndQuery };I dont use UrlRewriting right now, thats why I guess this is safe for me.
更多推荐
RequireSSL的网址失败,查询字符串
发布评论