首页
学习
活动
专区
圈层
工具
发布
社区首页 >问答首页 >RequireSSL在包含查询字符串的Url上失败

RequireSSL在包含查询字符串的Url上失败
EN

Stack Overflow用户
提问于 2009-10-31 20:59:36
回答 2查看 532关注 0票数 1

我使用这段代码,它取自MVC futures,并将属性RequireSsl附加到一个操作上。它适用于像http://localhost/de/Account/Login这样的简单Url,但是如果我有一个查询字符串,那么问号就会被编码,请求就会失败。

http://localhost/de/Account/Login?test=omg重定向到https://localhost/de/Account/Login%3Ftest=omg。有人把它修好了吗?

代码语言:javascript
复制
 [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public sealed class RequireSslAttribute : FilterAttribute, IAuthorizationFilter
{
    public RequireSslAttribute()
    {
        Redirect = true;
    }

    public bool Redirect { get; set; }

    public void OnAuthorization(AuthorizationContext filterContext)
    {
        //Validate.IsNotNull(filterContext, "filterContext");

        if (!Configuration.EnableSSL) return;

        if (!filterContext.HttpContext.Request.IsSecureConnection)
        {
            // request is not SSL-protected, so throw or redirect
            if (Redirect)
            {
                // form new URL
                UriBuilder builder = new UriBuilder
                {
                    Scheme = "https",
                    Host = filterContext.HttpContext.Request.Url.Host,
                    // use the RawUrl since it works with URL Rewriting
                    Path = filterContext.HttpContext.Request.RawUrl
                };
                filterContext.Result = new RedirectResult(builder.ToString());
            }
            else
            {
                throw new HttpException((int)HttpStatusCode.Forbidden, "Access forbidden. The requested resource requires an SSL connection.");
            }
        }
    }


}
EN

回答 2

Stack Overflow用户

回答已采纳

发布于 2009-11-01 23:36:22

我变了

代码语言:javascript
复制
 UriBuilder builder = new UriBuilder
                {
                    Scheme = "https",
                    Host = filterContext.HttpContext.Request.Url.Host,
                    // use the RawUrl since it works with URL Rewriting
                    Path = filterContext.HttpContext.Request.RawUrl
                };

代码语言:javascript
复制
                    UriBuilder builder = new UriBuilder
                {
                    Scheme = "https",
                    Host = filterContext.HttpContext.Request.Url.Host,
                    Path = filterContext.HttpContext.Request.Url.LocalPath,
                    Query = filterContext.HttpContext.Request.Url.PathAndQuery

                };

我现在不使用UrlRewriting,这就是为什么我猜这对我来说是安全的。

票数 1
EN

Stack Overflow用户

发布于 2009-12-09 04:47:37

代码语言:javascript
复制
UriBuilder builder = new UriBuilder
{
    Scheme = "https",
    Host = filterContext.HttpContext.Request.Url.Host,
    Path = filterContext.HttpContext.Request.Path,
    Query = filterContext.HttpContext.Request.QueryString.ToString ()
};
票数 1
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/1654320

复制
相关文章

相似问题

领券
问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档