我遇到Ajax请求和重定向问题。我尝试按如下方式创建自定义授权属性:
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public class MyAuthorizeAttribute : AuthorizeAttribute
public override void OnAuthorization(AuthorizationContext filterContext)
{
base.OnAuthorization(filterContext);
if (filterContext.Result == null || (filterContext.Result.GetType() != typeof(HttpUnauthorizedResult)
|| !filterContext.HttpContext.Request.IsAjaxRequest()))
return;
var redirectToUrl = "/login?returnUrl=" + filterContext.HttpContext.Request.UrlReferrer.PathAndQuery;
filterContext.Result = (filterContext.HttpContext.Request.ContentType == "application/json"
? (ActionResult)
new JsonResult
{
Data = new { RedirectTo = redirectToUrl },
ContentEncoding = System.Text.Encoding.UTF8,
JsonRequestBehavior = JsonRequestBehavior.DenyGet
}
: new ContentResult
{
Content = redirectToUrl,
ContentEncoding = System.Text.Encoding.UTF8,
ContentType = "text/html"
});
//Important: Cannot set 401 as asp.net intercepts and returns login page
//so instead set 530 User access denied
filterContext.HttpContext.Response.StatusCode = 530; //User Access Denied
filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
}
}
但isAjaxRequest()在我的应用程序中始终为false。即使我从jquery .ajax()调用中调用该操作。
编辑:包括建议的ajax调用。 我的一些ajax调用是由jqGrid组件完成的。数据类型设置为JSON,类型为POST。控制器具有HTTPPost装饰。其中一些是直接的jquery ajax调用,如:
$("#clientList").change(function () {
var client = $("#clientList").val();
$.ajax({
url: "myurl",
data: { 'client': client },
cache: false,
traditional: true,
type: 'POST',
success: function (data) {
<do something here>
}
});
});