0
有人可以驗證這段代碼的完整性嗎?我想用它來裝飾控制器,以便它將URL規範化爲https和/或www。這是我的代碼的第二再寫入,因爲第一個拋出自己變成一個無限的重定向,但不知何故,我仍然認爲這是不太有...提前ASP.NET MVC(2)NormalizeUrl動作篩選器屬性(C#)
public class NormalizeUrl : ActionFilterAttribute {
private bool ForceHttps = false;
private bool ForceWww = false;
public NormalizeUrl() {
}
public NormalizeUrl(
bool ForceHttps,
bool ForceWww) {
this.ForceHttps = ForceHttps;
this.ForceWww = ForceWww;
}
public override void OnActionExecuting(
ActionExecutingContext Context) {
HttpRequestBase Request = Context.HttpContext.Request;
HttpResponseBase Response = Context.HttpContext.Response;
if (!Request.IsLocal) {
Uri Uri;
if (!Request.IsSecureConnection && ForceHttps) {
if (ForceWww) {
Uri = new Uri(Uri.UriSchemeHttps + "://www." + Request.Url.Host.Replace("www.", string.Empty) + "/" + Request.Url.AbsolutePath);
} else {
Uri = new Uri(Uri.UriSchemeHttps + "://" + Request.Url.Host.Replace("www.", string.Empty) + "/" + Request.Url.AbsolutePath);
};
} else if (!ForceHttps) {
if (ForceWww) {
Uri = new Uri(Uri.UriSchemeHttp + "://www." + Request.Url.Host.Replace("www.", string.Empty) + "/" + Request.Url.AbsolutePath);
} else {
Uri = Request.Url;
};
} else {
Uri = Request.Url;
};
Response.RedirectPermanent(Uri.AbsoluteUri, true);
};
}
}
謝謝!
您是否在尋找一個安全評估? – 2010-08-04 21:31:15
不,我正在尋找一個驗證(或有關改進的建議),如果代碼將按照我想要的那樣進行,即將http:// domain.com轉換爲A)'http://www.domain.com',B)'https:// domain.com'或者C)'https:// www.domain.com',基於控制器裝飾傳入的參數。 – Gup3rSuR4c 2010-08-04 21:39:52