当前位置: 文江博客话题详情

ASP.Net - 使用表单身份验证时,如何允许未经身份验证的用户查看导入的脚本文件?

发布于 2024-08-11 09:04:31 字数 2117 浏览 6 评论 0原文

我正在使用 ASP.Net 和表单身份验证。当用户被定向到登录页面时,我收到 JavaScript 错误:

消息:语法错误行:3 字符:1 代码:0 URI: http://localhost:49791/login.aspx?ReturnUrl=%2fWebImageButton.js< /a>

这是因为我在单独的 Web Control Project 控件中使用自定义图像按钮,该控件将 ScriptReference 添加到页面:

public class WebImageButton : LinkButton, IScriptControl, IButtonControl
{
    protected override void OnPreRender(EventArgs e)
    {

        // Link the script up with the script manager
        ScriptManager scriptManager = ScriptManager.GetCurrent(this.Page);
        if (scriptManager != null)
        {
            scriptManager.RegisterScriptControl(this);
            scriptManager.Scripts.Add(new ScriptReference("<snip>.WebImageButton.js", "<snip>"));
        }

        base.OnPreRender(e);

    }
}

如果我将以下规则添加到我的 Web.Config 中,则文件将成功导入:

<location path="WebImageButton.js">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

这不是'不是很好,因为我有许多做同样事情的自定义控件,而且我并不特别喜欢单独验证它们的每个 js 文件。

有没有办法可以声明所有导入的脚本引用都应该被允许?我尝试授权 WebResource.axd 文件以防万一,但页面本身(呈现时)物理引用 WebImageButton.js 文件。

理想的情况如下:

  <location path="My.WebControlLibraryProject.Controls">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

有没有办法在不列出每个文件的情况下实现这一目标?

EDIT: Just to be clear, these script files are in another project and are not in my actual web project. I know how to declare the location paths of directory paths to include a large number of files in one wack, but I can't figure out how to authenticate automatic script references, which are from embedded resources.

原文

I'm using ASP.Net and forms authentication. When a user is directed to the Login Page I get a JavaScript error:

Message: Syntax error Line: 3 Char: 1
Code: 0 URI:
http://localhost:49791/login.aspx?ReturnUrl=%2fWebImageButton.js

This is because I am using a Custom Image Button in a separate Web Control Project control that adds a ScriptReference to the page:

public class WebImageButton : LinkButton, IScriptControl, IButtonControl
{
    protected override void OnPreRender(EventArgs e)
    {

        // Link the script up with the script manager
        ScriptManager scriptManager = ScriptManager.GetCurrent(this.Page);
        if (scriptManager != null)
        {
            scriptManager.RegisterScriptControl(this);
            scriptManager.Scripts.Add(new ScriptReference("<snip>.WebImageButton.js", "<snip>"));
        }

        base.OnPreRender(e);

    }
}

If I add the following rule into my Web.Config, then the file is successfully imported:

<location path="WebImageButton.js">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

This isn't very good as I have a number of custom controls that do the same thing, and I don't particularly fancy authenticating each of their js files individually.

Is there no way that I can declare that all imported script references should be allowed? I tried authorising the WebResource.axd file in-case that allows it, but the page itself (when rendered) physically references the WebImageButton.js file.

The ideal scenario would be something like the following:

  <location path="My.WebControlLibraryProject.Controls">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

Is there any way to achieve this without listing each file?

EDIT: Just to be clear, these script files are in another project and are not in my actual web project. I know how to declare the location paths of directory paths to include a large number of files in one wack, but I can't figure out how to authenticate automatic script references, which are from embedded resources.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

怀里藏娇 2024-08-18 09:04:31

WebImageButton.js 是嵌入式资源吗?正如我所看到的,您已经实现了IScriptControl。因此,您必须返回 IScriptControl.GetScriptReferences 上的所有脚本引用。我认为嵌入式资源永远不会被授权。我在不同情况下使用一些自定义控件,没有任何问题。我想知道脚本管理器直接引用 WebImageButton.js ,而不是以 .axd 文件的形式。所以,我认为问题出在你的资源文件上。

public class WebImageButton : LinkButton, IScriptControl, IButtonControl
{

    protected ScriptManager ScriptManager
    {
        get
        {
            ScriptManager scriptManager = ScriptManager.GetCurrent(this.Page);
            if (scriptManager == null)
            {
                throw new System.Web.HttpException("<snip>");
            }
            return scriptManager;
        }
    }

    protected override void Render(HtmlTextWriter writer)
    {
        base.Render(writer);

        this.ScriptManager.RegisterScriptControl<WebImageButton>(this);
    }

    #region IScriptControl Members

    public System.Collections.Generic.IEnumerable<ScriptDescriptor> GetScriptDescriptors()
    {
        yield break;
    }

    public System.Collections.Generic.IEnumerable<ScriptReference> GetScriptReferences()
    {
        yield return new ScriptReference("<snip>.WebImageButton.js", "Assembly Name");
    }

    #endregion

}

Is the WebImageButton.js an embedded resource? As I've seen, you had implemented IScriptControl. Thus, you must return all of script references on the IScriptControl.GetScriptReferences. I think an embedded resource never be authorized. I use some of custom controls in different situation and don't have any problem. I'm wondering that script manager references to WebImageButton.js directly, and not in form of .axd file. So, I think the problem is arising from your resource file.

public class WebImageButton : LinkButton, IScriptControl, IButtonControl
{

    protected ScriptManager ScriptManager
    {
        get
        {
            ScriptManager scriptManager = ScriptManager.GetCurrent(this.Page);
            if (scriptManager == null)
            {
                throw new System.Web.HttpException("<snip>");
            }
            return scriptManager;
        }
    }

    protected override void Render(HtmlTextWriter writer)
    {
        base.Render(writer);

        this.ScriptManager.RegisterScriptControl<WebImageButton>(this);
    }

    #region IScriptControl Members

    public System.Collections.Generic.IEnumerable<ScriptDescriptor> GetScriptDescriptors()
    {
        yield break;
    }

    public System.Collections.Generic.IEnumerable<ScriptReference> GetScriptReferences()
    {
        yield return new ScriptReference("<snip>.WebImageButton.js", "Assembly Name");
    }

    #endregion

}
回复 原文
爱本泡沫多脆弱 2024-08-18 09:04:31

这只是一个猜测 - 您是否尝试过在位置路径中放入通配符?也许类似于 <位置路径=“*.js”>?

This is just a guess - have you tried putting in a wildcard in the location path? Perhaps something like < location path="*.js">?

回复 原文
葬花如无物 2024-08-18 09:04:31

您可以指定一个通用位置并将所有脚本放在那里,以便所有不需要授权的脚本都会通过。您只需将路径更改为您想要的任何文件夹并将脚本放在那里。

这不仅适用于脚本,也适用于其他资源,例如图像、样式表等。

You can specify a generic location and put all your scripts there so that all the scripts that don't require authorization will pass. You just need to change the path to whatever folder you want it to be and put the scripts there.

That will work for not only scripts, but other resources as well, such as images, style sheets, etc.

回复 原文
~没有更多了~

关于作者

疯狂的代价

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

linfzu01

文章 0 评论 0

§对你不离不弃

文章 0 评论 0

可遇━不可求

文章 0 评论 0

枕梦

文章 0 评论 0

qq_3LFa8Q

文章 0 评论 0

JP

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文