我正在关注http://msdn.microsoft.com/en-us/library/system.web.util.requestvalidator.aspx的示例,但它似乎不起作用,我仍然会收到错误。这是我的班级以及如何将其添加到webconfig
我的webconfig:
<httpRuntime requestValidationType="CustomRequestValidation"/>
我的班级:
public class CustomRequestValidation : RequestValidator
{
public CustomRequestValidation() { }
protected override bool IsValidRequestString(HttpContext context, string value, RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex)
{
validationFailureIndex = -1;
if (requestValidationSource == RequestValidationSource.Path)
{
// value "&","=" allowed.
if (value.Contains("&") || value.Contains("="))
{
validationFailureIndex = -1;
return true;
}
else
{
//Leave any further checks to ASP.NET.
return base.IsValidRequestString(context, value, requestValidationSource, collectionKey, out validationFailureIndex);
}
}
else
{
return base.IsValidRequestString(context, value, requestValidationSource, collectionKey, out validationFailureIndex);
}
}
}
错误详情如下:
System.Web.HttpException
A potentially dangerous Request.Path value was detected from the client (=).
System.Web.HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (:).
at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
at System.Web.HttpApplication.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
答案 0 :(得分:3)
我也有这个问题,并将其添加到web.config解决了这个问题。
<httpRuntime requestPathInvalidCharacters="" />
默认情况下,.Net 4.0拒绝所有使用&lt;&gt; *%&amp;:\的请求?可能导致问题的字符对我来说就是这样。
[ConfigurationProperty(“requestPathInvalidCharacters”,DefaultValue = @“&lt;,&gt;,*,%,&amp;,:,\,?”)]] public string RequestPathInvalidCharacters {get;组; }
答案 1 :(得分:0)
请尝试在requestValidationType
中添加名称空间requestValidationType = “CustomControlTest.CustomRequestValidator”
这里CustomControlTest是命名空间。