如何在 HTTPWebRequest 期间阻止 Internet Explorer 安全警报
有没有办法防止出现错误消息或以编程方式对检索 HTTPWebRequest 时弹出的消息单击“是”?下面显示的代码会产生一条警报消息,其文本为“此页面存在未指定的潜在安全风险。您想继续吗?”该消息的标题是“Internet Explorer”。关于可能导致错误消息的原因的一些线索如下:
• 它似乎不是由 sslPolicyErrors 引起的,因为代码行 ServicePointManager.ServerCertificateValidationCallback = ((sender,certificate,chain,sslPolicyErrors) => true);应该防止这种情况发生。
• 设置了 Internet Explorer 选项,以便网站 http://jobsearch.monster.com 位于受信任列表中网站。
• 该消息在执行倒数第二行代码后出现: -oDoc.close();
• 可以通过运行代码来响应窗口窗体上的按钮单击来观察该消息。
• 必须手动单击错误消息三次(是或否)才能使该消息消失。
• 这是迄今为止唯一导致此错误消息的网站。
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.IO;
using System.Linq;
using System.Text;
using System.Windows.Forms;
//using System.Threading;
using System.Net;
using mshtml;
namespace FitCShp
{
public partial class frmThreadIssue : Form
{
public frmThreadIssue()
{
InitializeComponent();
}
private void button2_Click(object sender, EventArgs e)
{
HTMLDocumentClass oDoc;
oDoc = GetDoc();
}
public HTMLDocumentClass GetDoc()
{
string WebAddrs = "http://jobsearch.monster.com/PowerSearch.aspx?q=proven%20record%20relationship&where=portland%2C%20or&rad=20&rad_units=miles&tm=60";
IHTMLDocument2 oDoc = null;
HttpWebRequest Req = (HttpWebRequest)WebRequest.Create(WebAddrs); //build the request
ServicePointManager.ServerCertificateValidationCallback = ((sender, certificate, chain, sslPolicyErrors) => true);
Req.AllowAutoRedirect = true;
Req.ContentType = "application/x-www-form-urlencoded";
Req.KeepAlive = false;
Req.UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11'";
HttpWebResponse resp = (HttpWebResponse)Req.GetResponse();
//Get the encoding of the response
System.Text.Encoding Enc = System.Text.Encoding.GetEncoding(resp.CharacterSet);
StreamReader sr = new StreamReader(resp.GetResponseStream(), Enc); //Create the stream reader
string sDoc = sr.ReadToEnd(); //read the stream that represents the Webdoc
sr.Close(); //close the stream
HTMLDocument ProfileHTML = new HTMLDocument();
oDoc = (IHTMLDocument2)ProfileHTML;
oDoc.write(sDoc);
oDoc.close(); //--- Error occurs here
return (HTMLDocumentClass)oDoc;
}
}
}
Is there a way to prevent an error message or of programmatically clicking yes to the message that pops up while retrieving an HTTPWebRequest? The code shown below causes an alert message whose text is "This page has an unspecified potential security risk. Would you like to continue?" The caption of the message is "Internet Explorer". Some clues as to what might be causing the error message are:
• It does not seem to be caused by an sslPolicyErrors as the line of code ServicePointManager.ServerCertificateValidationCallback = ((sender, certificate, chain, sslPolicyErrors) => true); should prevent this.
• Internet Explorer options were set so that the website http://jobsearch.monster.com is on the list of trusted sites.
• The message occurs after the next to the last line of code is executed: -oDoc.close();
• The message can be observed by running the code in response to a button click on a widows form.
• The error message has to be manually clicked three times (yes or no) in order for the message to dissappear.
• This is the only web site to date that causes this error message.
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.IO;
using System.Linq;
using System.Text;
using System.Windows.Forms;
//using System.Threading;
using System.Net;
using mshtml;
namespace FitCShp
{
public partial class frmThreadIssue : Form
{
public frmThreadIssue()
{
InitializeComponent();
}
private void button2_Click(object sender, EventArgs e)
{
HTMLDocumentClass oDoc;
oDoc = GetDoc();
}
public HTMLDocumentClass GetDoc()
{
string WebAddrs = "http://jobsearch.monster.com/PowerSearch.aspx?q=proven%20record%20relationship&where=portland%2C%20or&rad=20&rad_units=miles&tm=60";
IHTMLDocument2 oDoc = null;
HttpWebRequest Req = (HttpWebRequest)WebRequest.Create(WebAddrs); //build the request
ServicePointManager.ServerCertificateValidationCallback = ((sender, certificate, chain, sslPolicyErrors) => true);
Req.AllowAutoRedirect = true;
Req.ContentType = "application/x-www-form-urlencoded";
Req.KeepAlive = false;
Req.UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11'";
HttpWebResponse resp = (HttpWebResponse)Req.GetResponse();
//Get the encoding of the response
System.Text.Encoding Enc = System.Text.Encoding.GetEncoding(resp.CharacterSet);
StreamReader sr = new StreamReader(resp.GetResponseStream(), Enc); //Create the stream reader
string sDoc = sr.ReadToEnd(); //read the stream that represents the Webdoc
sr.Close(); //close the stream
HTMLDocument ProfileHTML = new HTMLDocument();
oDoc = (IHTMLDocument2)ProfileHTML;
oDoc.write(sDoc);
oDoc.close(); //--- Error occurs here
return (HTMLDocumentClass)oDoc;
}
}
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
如果您的页面在 HTTPS 上下文中运行,但通过 HTTP 引用其他站点的元素,您将收到此安全警告。确保所有引用的内容(例如图像、样式表等)均在 URL 中通过 HTTPS 引用。
If your page is running in the HTTPS context, but is referencing elements from other sites via HTTP, you'll get this security warning. Make sure that all referenced content (e.g. images, style sheets, etc) are referenced with HTTPS in the URL.
HttpWebRequest 发生在服务器端,而不是客户端,因此这不是客户端警告消息的原因。浏览器做出这样反应的唯一方式是,如果您对标记本身进行非安全调用。
The HttpWebRequest is happening on the server side, not the client, so that is not the cause of your client's warning message. The only way the browser would react like that is if you had non-secure calls on the markup itself.
在创建 HTMLDocument 对象之前,删除所有 javascript 代码,这里是我的 VB 代码:
Before creating the object HTMLDocument remove all javascript code, here my VB code:
尝试使用“工具”->“Internet 选项”->“高级”->“安全”下的安全设置。例如“允许我的计算机中的文件中的活动内容运行..”
Try playing around with the security settings under Tools->InternetOptions->Advanced->Security. For eg "Allow active content from files in my computer to run.."