asp.net 4自定义请求验证器似乎不起作用

时间:2010-09-25 19:35:14

标签: asp.net requestvalidationmode

我正在关注http://msdn.microsoft.com/en-us/library/system.web.util.requestvalidator.aspx的示例,但它似乎不起作用,我仍然会收到错误。这是我的班级以及如何将其添加到webconfig

我的webconfig:

     <httpRuntime requestValidationType="CustomRequestValidation"/>

我的班级:

public class CustomRequestValidation : RequestValidator
{
public CustomRequestValidation() { }
protected override bool IsValidRequestString(HttpContext context, string value,   RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex)
{
    validationFailureIndex = -1;
    if (requestValidationSource == RequestValidationSource.Path)
    {
        // value "&","="  allowed.
        if (value.Contains("&") || value.Contains("="))
        {
            validationFailureIndex = -1;
            return true;
        }
        else
        {
            //Leave any further checks to ASP.NET.           
            return base.IsValidRequestString(context, value, requestValidationSource, collectionKey, out validationFailureIndex);
        }
    }
    else
    {
        return base.IsValidRequestString(context, value, requestValidationSource, collectionKey, out validationFailureIndex);
    }

   }
 }

错误详情如下:

System.Web.HttpException
A potentially dangerous Request.Path value was detected from the client (=).
System.Web.HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (:).
   at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
   at System.Web.HttpApplication.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

2 个答案:

答案 0 :(得分:3)

我也有这个问题,并将其添加到web.config解决了这个问题。

<httpRuntime requestPathInvalidCharacters="" />

默认情况下,.Net 4.0拒绝所有使用&lt;&gt; *%&amp;:\的请求?可能导致问题的字符对我来说就是这样。

[ConfigurationProperty(“requestPathInvalidCharacters”,DefaultValue = @“&lt;,&gt;,*,%,&amp;,:,\,?”)]] public string RequestPathInvalidCharacters {get;组; }

答案 1 :(得分:0)

请尝试在requestValidationType

中添加名称空间

requestValidationType = “CustomControlTest.CustomRequestValidator”

这里CustomControlTest是命名空间。

相关问题
最新问题