当使用路径中带有%- has some glitches的urls (不是查询字符串;查询字符串就可以)时,IIS和ASP.NET (MVC)编码。我怎么才能避免这个问题呢?也就是说,我如何才能获得被请求的实际URL?
例如,如果我导航到/x%3Fa%3Db
并(分别)导航到/x?a=b
-它们都将.Request.Url
报告为/x?a=b
-因为不正确地报告路径中的编码数据。
发布于 2013-02-28 00:35:57
我处理这个问题的方法是查看底层的服务器变量;URL
变量包含一个已解码的值;QUERY_STRING
变量包含仍然编码的查询。我们不能只在URL
部分调用encode,因为它还包含原始形式的原始/
等-如果我们盲目地编码整个东西,我们会得到不需要的%2f
值;但是,可以将其拆分并发现有问题的情况:
private static readonly Regex simpleUrlPath = new Regex("^[-a-zA-Z0-9_/]*$", RegexOptions.Compiled);
private static readonly char[] segmentsSplitChars = { '/' };
// ^^^ avoids lots of gen-0 arrays being created when calling .Split
public static Uri GetRealUrl(this HttpRequest request)
{
if (request == null) throw new ArgumentNullException("request");
var baseUri = request.Url; // use this primarily to avoid needing to process the protocol / authority
try
{
var vars = request.ServerVariables;
var url = vars["URL"];
if (string.IsNullOrEmpty(url) || simpleUrlPath.IsMatch(url)) return baseUri; // nothing to do - looks simple enough even for IIS
var query = vars["QUERY_STRING"];
// here's the thing: url contains *decoded* values; query contains *encoded* values
// loop over the segments, encoding each separately
var sb = new StringBuilder(url.Length * 2); // allow double to be pessimistic; we already expect trouble
var segments = url.Split(segmentsSplitChars);
foreach (var segment in segments)
{
if (segment.Length == 0)
{
if(sb.Length != 0) sb.Append('/');
}
else if (simpleUrlPath.IsMatch(segment))
{
sb.Append('/').Append(segment);
}
else
{
sb.Append('/').Append(HttpUtility.UrlEncode(segment));
}
}
if (!string.IsNullOrEmpty(query)) sb.Append('?').Append(query); // query is fine; nothing needing
return new Uri(baseUri, sb.ToString());
}
catch (Exception ex)
{ // if something unexpected happens, default to the broken ASP.NET handling
GlobalApplication.LogException(ex);
return baseUri;
}
}
https://stackoverflow.com/questions/15117342
复制相似问题