14

我正在尝试将 HTTP 403 错误代码返回给客户端。我读过 HttpException 是完成此任务的最干净的方法,但它对我不起作用。我从这样的页面中抛出异常:

throw new HttpException(403,"You must be logged in to access this resource.");

但是,这只会在 CustomErrors 关闭时提供标准的 ASP.Net 堆栈跟踪(带有 500 错误)。如果启用了 CustomErrors,那么这将不会重定向到我设置的页面,以便在发生 403 错误时显示。我应该忘记 HttpException 而是自己设置所有 HTTP 代码吗?我该如何解决?

我的 Web.Config 的自定义错误部分是这样的:

<customErrors mode="On" defaultRedirect="GenericErrorPage.html">
      <error statusCode="403" redirect="Forbidden.html" />
</customErrors>

我不会得到 Forbidden.html,而是得到 GenericErrorPage.html

4

3 回答 3

8

您需要像这样覆盖应用程序错误:

    protected void Application_Error()
    {
        var exception = Server.GetLastError();
        var httpException = exception as HttpException;
        Response.Clear();
        Server.ClearError();
        
        var routeData = new RouteData();
        routeData.Values["controller"] = "Errors";
        routeData.Values["action"] = "General";
        routeData.Values["exception"] = exception;
        Response.StatusCode = 500;

        if (httpException != null)
        {
            Response.StatusCode = httpException.GetHttpCode();
            switch (Response.StatusCode)
            {
                case 403:
                    routeData.Values["action"] = "Http403";
                    break;
                case 404:
                    routeData.Values["action"] = "Http404";
                    break;
            }
        }

        IController errorsController = new ErrorsController();
        var rc = new RequestContext(new HttpContextWrapper(Context), routeData);
        errorsController.Execute(rc);
    }

然后你必须添加errorsController:

public class ErrorsController : Controller
{
    public ActionResult General(Exception exception)
    {
        ViewBag.ErrorCode = Response.StatusCode;
        ViewBag.Message = "Error Happened";

        //you should log your exception here

        return View("Index");
    }

    public ActionResult Http404()
    {
        ViewBag.ErrorCode = Response.StatusCode;
        ViewBag.Message = "Not Found";
        return View("Index");
    }

    public ActionResult Http403()
    {
        ViewBag.Message = Response.StatusCode;
        ViewBag.Message = "Forbidden";
        return View("Index");
    }

}

最后为errorsController创建一个视图。我只在 Views/Errors/ 中创建了一个名为 index 的视图。

于 2011-05-04T13:26:57.817 回答
3

将此代码包含在Web.config文件的元素configuration/system.web中:

  <customErrors mode="On">
    <error statusCode="403" redirect="~/errors/Forbidden.aspx"/>
  </customErrors>

我设法让它按预期工作。

您可以在这里找到一个很好的示例教程(示例 3 是正确的):http: //aspnetresources.com/articles/CustomErrorPages

或者您可以使用 Response.Status 这样做: Asp Classic return specific http status code

于 2011-04-10T16:04:55.397 回答
1

实际上,我最终创建了自己的漂亮小班来解决这个问题。它不能处理所有事情,我不确定它是否与 MVC 配合得很好,但它适用于我的使用。基本上,它不会依赖 ASP.Net 输出正确的错误页面和错误代码,而是会清除错误,然后进行服务器端传输并显示相应的 Web.Config 错误页面。它还可以识别 customErrors 模式并做出相应的反应。

public static class CustomErrorsFixer
{
    static public void HandleErrors(HttpContext Context)
    {
        if(RunIt(Context)==false){
            return;
        }
        HttpException ex = Context.Error as HttpException;
        if(ex==null){
            try{
                ex=Context.Error.InnerException as HttpException;
            }catch{
                ex=null;
            }
        }

        if (ex != null){
            Context.Response.StatusCode = ex.GetHttpCode();
        }else{
            Context.Response.StatusCode = 500;
        }
        Context.ClearError();

        Context.Server.Transfer(GetCustomError(Context.Response.StatusCode.ToString()));
        HttpContext.Current.Response.End();
    }
    static protected string GetCustomError(string code)
    {
        CustomErrorsSection section = ConfigurationManager.GetSection("system.web/customErrors") as CustomErrorsSection;

        if (section != null)
        {
            CustomError page = section.Errors[code];

            if (page != null)
            {
                return page.Redirect;
            }
        }
        return section.DefaultRedirect;
    }
    static protected bool RunIt(HttpContext context){
        CustomErrorsSection section = ConfigurationManager.GetSection("system.web/customErrors") as CustomErrorsSection;
        switch(section.Mode){
            case CustomErrorsMode.Off:
                return false;
            case CustomErrorsMode.On:
                return true;
            case CustomErrorsMode.RemoteOnly:
                return !(context.Request.UserHostAddress=="127.0.0.1");
            default:
                return true;
        }
    }

}

然后激活它,只需在 Global.asax 中添加一个小东西

    protected virtual void Application_Error (Object sender, EventArgs e)
    {
        CustomErrorsFixer.HandleErrors(Context);
    }
于 2011-04-10T20:23:33.503 回答