处理“潜在危险的Request.Form值...”

发布于 2024-08-14 05:15:01 字数 364 浏览 11 评论 0原文

处理诸如此类的错误的最佳方法是什么

从客户端检测到潜在危险的 Request.Form 值”

我想保持验证,因为我的表单没有有效的理由允许 HTML 字符。但是,我不太确定如何为了以更友好的方式处理此错误,我尝试在 Page_Error 中处理它,但据我所知,这发生在较低级别的部分,因此 Page_Error

因此,我可能不得不在我的 Global.asax 文件中使用 Application_Error 如果这是处理该错误的唯一方法,有什么办法吗 专门处理该一个错误?我不想以相同的方式处理所有应用程序错误

What's the best way to handle errors such as

A potentially dangerous Request.Form value was detected from the client"

in ASP.NET?

I'd like to keep the validation on, as my forms have no valid reasons to be allowing HTML characters. However, I'm not quite sure how to handle this error in a more friendly manner. I tried handling it in a Page_Error but, as far as I can tell, this occurs in a lower level section so the Page_Error function never fires.

Therefore, I may have to resort to using Application_Error in my Global.asax file. If this is the only way of handling that error, is there a way of specifically handling that one error? I don't want to handle all application errors in the same manner.

Thanks

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

放血 2024-08-21 05:15:02

您有两个选择:

// Editing your global.asax.cs
public class Global : System.Web.HttpApplication
{
    protected void Application_Error(object sender, EventArgs e)
    {
        Exception lastError = Server.GetLastError();
        if (lastError is HttpRequestValidationException)
        {
            Response.Redirect("~/RequestValidationError.aspx");
        }
    }
}

或者

// Editing your CUser.aspx.cs
public partial class CUser : System.Web.UI.Page
{
    protected override void OnError(EventArgs e)
    {
        Response.Redirect("~/RequestValidationError.aspx");
        Context.ClearError();
    }
}

You have two options:

// Editing your global.asax.cs
public class Global : System.Web.HttpApplication
{
    protected void Application_Error(object sender, EventArgs e)
    {
        Exception lastError = Server.GetLastError();
        if (lastError is HttpRequestValidationException)
        {
            Response.Redirect("~/RequestValidationError.aspx");
        }
    }
}

Or

// Editing your CUser.aspx.cs
public partial class CUser : System.Web.UI.Page
{
    protected override void OnError(EventArgs e)
    {
        Response.Redirect("~/RequestValidationError.aspx");
        Context.ClearError();
    }
}
谁的新欢旧爱 2024-08-21 05:15:02

您不想向 Global.asax 添加不必要的包袱。如果您确信这是由虚假数据输入引起的,请处理输入,无论它来自何处:

http://codersbarn.com/post/2008/11/01/ASPNET-Data-Input-Validation.aspx

重点分析原因错误 :-)

You don't want to go adding unnecessary baggage to the Global.asax. If you're satisfied that this is caused by spurious data input, then deal with the input, no matter where it's coming from:

http://codersbarn.com/post/2008/11/01/ASPNET-Data-Input-Validation.aspx

Concentrate on the cause of the error :-)

等你爱我 2024-08-21 05:15:02

您可以在 Application_Error 中使用 Server.GetLastError() 来获取引发的异常、检查异常并根据需要进行响应(重定向到页面等)

You can use Server.GetLastError() in Application_Error to get the exception that was thrown, inspect the exception, and respond as you like to it (redirect to a page, etc)

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文