我们如何在 http 模块中检测页面刷新?
问问题
996 次
1 回答
4
使用代码
<httpModules>
<add name="RefreshDetectionModule" type="HttpModules.RefreshDetectionModule"/>
</httpModules>
页面刷新检测,第一步:
为了将 HTTP-POST 与另一个不同,我决定坚持在发送到客户端的每个页面中注入(或多或少)唯一 ID 的想法。为此,我编写了自己的类,该类继承自 Stream 类并将其连接到Response.Filter。
private void application_PreRequestHandlerExecute(object sender, EventArgs e)
{
HttpApplication application = (HttpApplication)sender;
HttpContext context = application.Context;
//write the hidden field only if the request is made to the aspx-handler
if(context.Request.Path.ToLower().EndsWith(".aspx"))
{
//attach the stream that writes the hidden field
application.Response.Filter =
new RefreshDetectionResponseFilter(application.Response.Filter,
Guid.NewGuid());
}
}
流类(RefreshDetectionResponseFilter)基本上只需要重写Write方法。我将整个流写入 StringBuilder 并在生成的 HTML 文本中搜索表单标记。
public override void Write(byte[] buffer, int offset, int count)
{
//Read the buffer from the stream
string sBuffer = UTF8Encoding.UTF8.GetString(buffer, offset, count);
//when the end of the html-text is read
if (endOfFile.IsMatch(sBuffer))
{
//append the buffer
html.Append(sBuffer);
//and fire the matching for the start of the form-tag
//the form tag contains various additional attributes, therefore
//a non-greedy expression is used to find the whole opening tag.
MatchCollection aspxPageMatches =
Regex.Matches(html.ToString(),"<form[^>]*>",RegexOptions.IgnoreCase);
//When a form-tag could be found
if(aspxPageMatches.Count > 0)
{
StringBuilder newHtml = new StringBuilder();
int lastIndex = 0;
//usually only one form tag should be
//inside a html-text, but who knows ;)
for(int i = 0; i < aspxPageMatches.Count; i++)
{
//Get the text up to the form tag.
newHtml.Append(html.ToString().Substring(lastIndex,
aspxPageMatches[i].Index -lastIndex));
//get the opening form-tag
string key = aspxPageMatches[i].Value;
//generate the new hidden field
string enc = string.Format("\r\n<input id=\"{0}\" type" +
"=\"hidden\" name=\"{0}\" value=\"{1}\"/>",
HIDDEN_FIELD_ID, guid);
//write both the the html-text
newHtml.Append(key+enc);
lastIndex = aspxPageMatches[i].Index +
aspxPageMatches[i].Value.Length;
}
//append the rest of the html-text
newHtml.Append(html.ToString().Substring(lastIndex));
html = newHtml;
}
//write the whole text back to the stream
byte[] data = UTF8Encoding.UTF8.GetBytes(html.ToString());
responseStream.Write(data, 0, data.Length);
}
else
{
//when the end of the html-text is not found yet,
//write the buffer to the stringbuilder only
html.Append(sBuffer);
}
}
页面刷新检测,第二步
现在所有页面都包含隐藏字段,一旦页面被回发,我只需要注意隐藏字段的值。为此,我只需连接到 HttpModule 的 BeginRequest 事件并在已发布的表单中查找隐藏字段。
private void application_BeginRequest(object sender, EventArgs e)
{
HttpApplication application = (HttpApplication)sender;
HttpContext context = application.Context;
string s = "";
//Refreshing is only prohibited of the request is a post-request.
if(context.Request.HttpMethod.ToUpper().Equals("POST"))
{
//Get the guid from the http-post form
if(context.Request.Form!=null)
s = context.Request.Form[RefreshDetectionResponseFilter.HIDDEN_FIELD_ID];
//if the guid is already in the queue the post is a refresh
if(q.Contains(s) && s.Length>0)
{
//refresh -> Redirect to any other page
context.Response.Redirect("Logout.aspx");
context.Response.Flush();
context.Response.End();
}
//when the queue-size exceeded its limit (queueSize), guids will be
//removed from the queue until the queue size is lower than the limit.
while(q.Count>=queueSize)
q.Dequeue();
//since the post is not a refresh the guid is written to the queue
q.Enqueue(s);
}
}
我希望它有帮助
于 2012-02-14T06:12:38.330 回答