因此,我试图通过 Js 中的 Post 将字符串作为参数提交到 asp.net 服务,但我遇到了一些困难。在声明之前,我无权访问服务器,也无法访问验证,我严格从外部客户端访问。我收到了这个回复
System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (message="...t;img src='http://192.168.1...").
at System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection)
at System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, RequestValidationSource requestCollection)
at System.Web.HttpRequest.get_Form()
at System.Web.Services.Protocols.HtmlFormParameterReader.Read(HttpRequest request)
at System.Web.Services.Protocols.HttpServerProtocol.ReadParameters()
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
我发送的消息是:
xcvxzcvzxcvxcvzxcv< br /><img src='http://192.168.1.1:82/UserUploads/Images/65968/20130122020024996.jpg' alt='User Image' />
我使用以下编码:
htmlEncode: function(str) {
str = str.replace(/&/g, '&');
str = str.replace(/'/g, ''');
str = str.replace(/"/g, """);
str = str.replace(/</g, '<');
str = str.replace(/>/g, '>');
return str;
},
产生:
xcvxzcvzxcvxcvzxcv< br /><img src='http://192.168.1.1:82/UserUploads/Images/65968/20130122020802027.jpg' alt='User Image' />
我已经运行了几个验证器并检查了我的编码,但我无法找出导致问题的原因。我唯一的猜测是 http:// 导致了问题,如 javascript 错误所示,但我不确定。任何帮助或见解将不胜感激。