希望这不是一个多余的问题——我不确定如何措辞。假设我在 ASP.net 页面上有一个项目列表。该列表是可选择的,因为每当用户单击一个时,页面都会进行回发,并且服务器代码将图片的索引或某些唯一标识符存储在 ViewState 属性中,指示它当前已被选中。
我想最小化服务器上的负载,因此我想以某种方式在客户端存储代表图像的索引或唯一标识符。我能想到的最好方法是将所述信息存储在隐藏字段中),但是在我发疯之前我有两个问题:
这是否以任何方式、形式或形式存在安全风险(即暴露页面的实现细节)?
有没有更好/最好的方法来做到这一点,更符合行业标准?ASP.net 是否提供了一个比我的想法更干净的框架来做到这一点?似乎这对我来说是一个相当普遍的要求......
我已经在 ASP.net 工作了大约两年了。请善待:-)
最好的,帕特里克·科祖布
The only security risk would be if some list items must remain non-selectable. It sounds like that is not the case in your situation. The user already knows the information, because he or she already selected the item.
NOTE: If the server ever does anything with that information and pulls it back from the user, then you must validate the index value. Otherwise, the user could change it to an invalid index, such as (-2), and trigger an exception.
You can store the index (or related value) in a global javascript variable. If you're avoiding a trip back to the server, .NET doesn't really have a role to play.