3

我正在关注http://msdn.microsoft.com/en-us/library/system.web.util.requestvalidator.aspx上的示例,但它似乎不起作用,我仍然得到错误。这是我的课程以及我如何将其添加到 webconfig

我的网络配置:

     <httpRuntime requestValidationType="CustomRequestValidation"/>

我的课:

public class CustomRequestValidation : RequestValidator
{
public CustomRequestValidation() { }
protected override bool IsValidRequestString(HttpContext context, string value,   RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex)
{
    validationFailureIndex = -1;
    if (requestValidationSource == RequestValidationSource.Path)
    {
        // value "&","="  allowed.
        if (value.Contains("&") || value.Contains("="))
        {
            validationFailureIndex = -1;
            return true;
        }
        else
        {
            //Leave any further checks to ASP.NET.           
            return base.IsValidRequestString(context, value, requestValidationSource, collectionKey, out validationFailureIndex);
        }
    }
    else
    {
        return base.IsValidRequestString(context, value, requestValidationSource, collectionKey, out validationFailureIndex);
    }

   }
 }

错误详情如下:

System.Web.HttpException
A potentially dangerous Request.Path value was detected from the client (=).
System.Web.HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (:).
   at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
   at System.Web.HttpApplication.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
4

2 回答 2

3

我也有这个问题,将它添加到 web.config 解决了这个问题。

<httpRuntime requestPathInvalidCharacters="" />

默认情况下,.Net 4.0 拒绝所有带有 <>*%&:\? 的请求 可能对您造成问题的字符,就像对我一样。

[ConfigurationProperty("requestPathInvalidCharacters", DefaultValue=@"<,>,*,%,&,:,\,?")] public string RequestPathInvalidCharacters { get; 放; }

于 2011-11-05T00:48:07.580 回答
0

请尝试在 requestValidationType 中添加命名空间

requestValidationType="CustomControlTest.CustomRequestValidator"

这里 CustomControlTest 是命名空间。

于 2011-07-12T11:47:23.790 回答