允许在 URL 中使用星号
我无法在网站的 URL 中使用星号 (*)。我正在运行 ASP.NET MVC 2 和 .NET 4.0。
下面是描述该问题的示例:
http://mysite.com/profile/view/Nice *
用户名很好* 并且 ASP.NET 说 URL 中存在非法字符:
Illegal characters in path.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.ArgumentException: Illegal characters in path.
我已经尝试了我在网上看到的所有 Web.config 方法,例如:
<pages validateRequest="false">
所以
<httpRuntime requestPathInvalidCharacters="" requestValidationMode="2.0" />
我的问题是: 是否可以在 URL 中允许星号?如果没有,.NET 中是否有某种编码方法可以对 asterisk(*) 进行编码?
谢谢!
I'm having a trouble allowing asterisk (*) in the URL of my website. I am running ASP.NET MVC 2 and .NET 4.0.
Here's an example that describes the problem:
http://mysite.com/profile/view/Nice*
The username is Nice* and ASP.NET says there are illegal characters in the URL:
Illegal characters in path.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.ArgumentException: Illegal characters in path.
I have tried all the Web.config methods I've seen online such as:
<pages validateRequest="false">
and
<httpRuntime requestPathInvalidCharacters="" requestValidationMode="2.0" />
So my question is: Is it possible to allow asterisk in URL? If not, is there some encoding method in .NET that can encode asterisk(*) ?
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
http://www.w3.org/Addressing/URL/4_URI_Recommentations.html
http://www.w3.org/Addressing/URL/4_URI_Recommentations.html
星号 (*) 是具有特殊含义的保留字符,因此不应在 URI 中错误使用。相反,您应该在将每个用户名插入 URI 之前对每个用户名进行百分比编码。
在百分比编码下,星号字符变为“%2A”。
所以完整、正确的 URI 是:
http://example.com/profile/view/Nice%2A
用户名编码百分比应该会自动为您翻译回原始用户名字符串。
当您的用户将这些地址复制并粘贴到他们的邮件程序中时,这不仅允许您的 URI 在服务器端进行验证,还可以在客户端进行验证。
例如,Stack Overflow 自动超链接安全的、百分比编码的 URI:
http://example.com/profile/view/Nice%2A
但它没有完全超链接不安全版本:
http:// example.com/profile/?user=username*
Stack Overflow 链接中不包含星号 - 因此您的用户可能会访问错误的页面。
(抱歉,我无法演示这一点 - 我只允许在我的帖子中包含两个链接。)
在将数据插入 URI 之前,始终对数据进行百分比编码,可以为自己省去很多麻烦。
The asterisk (*) is a reserved character with special meaning, so it shouldn't be used incorrectly in URIs. Instead, you should percent encode each username before you insert it into the URI.
Under percent encoding, the asterisk character becomes "%2A".
So the complete, correct URI would be:
http://example.com/profile/view/Nice%2A
The percent encoding username should be automatically translated back into the original username string for you.
This will not only allow your URI to validate server-side, but also client-side, when your users copy and paste these addresses into their mail programs.
For example, Stack Overflow automatically hyperlinks the safe, percent encoded URI:
http:// example.com/profile/view/Nice%2A
But it doesn't fully hyperlink the unsafe version:
http:// example.com/profile/?user=username*
The asterisk is not included in the Stack Overflow link--so your user would have ended up the wrong page.
(Sorry I can't demonstrate this--I'm only allowed to included two links in my post.)
You can save yourself a great deal of trouble by always percent encoding data before you insert it into a URI.
我的解决方案是将其更改为查询字符串。
例如:
http://mysite.com/profile/?user=username*
这样就可以了似乎工作得很好。
我确实知道星号 (*) 是保留字符,因此我什至不应该允许用户名拥有它。但这解决了我的问题。
My solution was to change it to a query string.
E.g.:
http://mysite.com/profile/?user=username*
That way it seems to work just fine.
I do know that asterisk (*) is a reserved character and thus I shouldn't even allow usernames to have it. But this solves my problem.