ASP.NET MVC(2)规范化EURL操作筛选器属性(C#)
有人能验证这段代码的完整性吗?我想用它装饰控制器,这样它就可以将url规范化为https和/或www。这是我对代码的第二次重写,因为第一次代码被无限重定向,但不知何故,我仍然认为它不太存在ASP.NET MVC(2)规范化EURL操作筛选器属性(C#),c#,asp.net-mvc-2,normalization,C#,Asp.net Mvc 2,Normalization,有人能验证这段代码的完整性吗?我想用它装饰控制器,这样它就可以将url规范化为https和/或www。这是我对代码的第二次重写,因为第一次代码被无限重定向,但不知何故,我仍然认为它不太存在 public class NormalizeUrl : ActionFilterAttribute { private bool ForceHttps = false; private bool ForceWww = false; public NormalizeUrl() {
public class NormalizeUrl : ActionFilterAttribute {
private bool ForceHttps = false;
private bool ForceWww = false;
public NormalizeUrl() {
}
public NormalizeUrl(
bool ForceHttps,
bool ForceWww) {
this.ForceHttps = ForceHttps;
this.ForceWww = ForceWww;
}
public override void OnActionExecuting(
ActionExecutingContext Context) {
HttpRequestBase Request = Context.HttpContext.Request;
HttpResponseBase Response = Context.HttpContext.Response;
if (!Request.IsLocal) {
Uri Uri;
if (!Request.IsSecureConnection && ForceHttps) {
if (ForceWww) {
Uri = new Uri(Uri.UriSchemeHttps + "://www." + Request.Url.Host.Replace("www.", string.Empty) + "/" + Request.Url.AbsolutePath);
} else {
Uri = new Uri(Uri.UriSchemeHttps + "://" + Request.Url.Host.Replace("www.", string.Empty) + "/" + Request.Url.AbsolutePath);
};
} else if (!ForceHttps) {
if (ForceWww) {
Uri = new Uri(Uri.UriSchemeHttp + "://www." + Request.Url.Host.Replace("www.", string.Empty) + "/" + Request.Url.AbsolutePath);
} else {
Uri = Request.Url;
};
} else {
Uri = Request.Url;
};
Response.RedirectPermanent(Uri.AbsoluteUri, true);
};
}
}
提前谢谢 无论如何,在破坏了我的网站几次之后,我想出了以下稳定的代码:
public class NormalizeUrl : ActionFilterAttribute {
private bool ForceHttps = false;
private bool ForceWww = false;
public NormalizeUrl(
bool ForceHttps,
bool ForceWww) {
this.ForceHttps = ForceHttps;
this.ForceWww = ForceWww;
}
public override void OnActionExecuting(
ActionExecutingContext Context) {
HttpRequestBase Request = Context.HttpContext.Request;
HttpResponseBase Response = Context.HttpContext.Response;
if (!Request.IsLocal) {
if (!Request.IsSecureConnection && this.ForceHttps) { // http://domain.com OR http://www.domain.com
if (this.ForceWww && !Request.Url.Host.Contains("www.")) { // http://domain.com
Response.RedirectPermanent(new Uri(Uri.UriSchemeHttps + "://www." + Request.Url.Host + Request.Url.AbsolutePath).AbsoluteUri, true);
} else { // http://www.domain.com
Response.RedirectPermanent(new Uri(Uri.UriSchemeHttps + "://" + Request.Url.Host + Request.Url.AbsolutePath).AbsoluteUri, true);
};
} else {
if (this.ForceWww && !Request.Url.Host.Contains("www.")) { // http://domain.com OR https://domain.com
Response.RedirectPermanent(new Uri(Request.Url.Scheme + "://www." + Request.Url.Host + Request.Url.AbsolutePath).AbsoluteUri, true);
};
};
};
}
}
你在寻找一个安全评估吗?不,我在寻找一个验证(或改进建议),如果代码能满足我的要求,那就是采取
http://domain.comhttp://www.domain.comhttps://domain.comhttps://www.domain.com