我正在创建一个 .NET Core API,但遇到一个问题:我想在密码中保留 '$' 这个特殊字符。
我不知道为什么,当我在请求URL中执行post方法时,它将其更改为%24
我试着改变使用Normalize,但它不起作用...
Employee Controller调用的Authentication controller:
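/// <summary>
/// Validates a Windows user name and password by calling the Win32
/// <c>LogonUser</c> API with a network logon. Despite its name, this is a
/// static helper, not an MVC controller.
/// </summary>
public static class AuthenticationController
{
    /// <summary>
    /// Owns the access token returned by <c>LogonUser</c> and closes it with
    /// <c>CloseHandle</c> when disposed or finalized.
    /// </summary>
    private class SafeTokenHandle : SafeHandleZeroOrMinusOneIsInvalid
    {
        private SafeTokenHandle() // called by P/Invoke
            : base(true)
        {
        }

        protected override bool ReleaseHandle()
        {
            return CloseHandle(this.handle);
        }
    }

    private enum LogonType : uint
    {
        Network = 3, // LOGON32_LOGON_NETWORK
    }

    private enum LogonProvider : uint
    {
        WinNT50 = 3, // LOGON32_PROVIDER_WINNT50
    }

    [DllImport("kernel32.dll", SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    private static extern bool CloseHandle(IntPtr handle);

    // CharSet.Unicode binds to LogonUserW. Without it the strings are marshalled
    // as ANSI, and any password character outside the system code page is
    // converted lossily before Windows ever sees it.
    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    [return: MarshalAs(UnmanagedType.Bool)]
    private static extern bool LogonUser(
        string userName, string domain, string password,
        LogonType logonType, LogonProvider logonProvider,
        out SafeTokenHandle token);

    /// <summary>
    /// Checks the supplied credentials against Windows. Returns normally when
    /// the logon succeeds; the token is released immediately because only the
    /// success/failure result is needed.
    /// </summary>
    /// <param name="userName">Account name passed to <c>LogonUser</c>.</param>
    /// <param name="password">Clear-text password passed to <c>LogonUser</c>.</param>
    /// <exception cref="Win32Exception">
    /// The logon failed; <see cref="Win32Exception.NativeErrorCode"/> holds the
    /// Win32 error reported by <c>LogonUser</c>.
    /// </exception>
    public static void AuthenticateUser(string userName, string password)
    {
        // Placeholder domain name as posted.
        // NOTE(review): presumably replaced by the real domain in deployment - confirm.
        string domain = "domain";

        SafeTokenHandle token;
        bool loggedOn = LogonUser(
            userName, domain, password,
            LogonType.Network, LogonProvider.WinNT50,
            out token);

        if (!loggedOn)
        {
            // Read the error right after the call so that no later P/Invoke
            // can overwrite the thread's last-error value.
            throw new Win32Exception(Marshal.GetLastWin32Error());
        }

        token.Dispose();
    }
}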
员工控制器:
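/// <summary>
/// API controller exposing a POST endpoint that validates a user's Windows
/// credentials through <c>AuthenticationController.AuthenticateUser</c>.
/// </summary>
[Route("api/[controller]")]
[ApiController]
public class EmployeeController : Controller
{
    private readonly intranetApplicationAPIContext _context;

    public EmployeeController(intranetApplicationAPIContext context)
    {
        _context = context;
    }

    /// <summary>
    /// Authenticates the caller and returns the user name on success.
    /// </summary>
    /// <param name="username">Account name to authenticate.</param>
    /// <param name="password">Clear-text password for that account.</param>
    /// <returns>
    /// 200 with the user name when the logon succeeds; 400 with a message
    /// when <c>AuthenticateUser</c> throws a <see cref="Win32Exception"/>.
    /// </returns>
    // NOTE(review): under [ApiController], simple-type parameters without a
    // binding attribute are inferred as query-string values, so the password
    // travels in the request URL, where it ends up in server and proxy logs.
    // Binding from the request body ([FromForm], or a [FromBody] DTO) over
    // HTTPS is preferable; it is left unchanged here because it alters the
    // HTTP contract that existing clients use.
    [HttpPost]
    public ActionResult GetEmployee(string username, string password)
    {
        try
        {
            AuthenticationController.AuthenticateUser(username, password);

            // The password is deliberately not echoed back: a response body
            // can be cached, logged or displayed by the client.
            return Ok(username);
        }
        catch (Win32Exception ex)
        {
            // NOTE(review): each branch tells the caller why the logon was
            // refused (disabled, locked out, expired ...), which reveals
            // account state to an unauthenticated client. Consider logging
            // the code server-side and returning one generic failure message.
            switch (ex.NativeErrorCode)
            {
                case 1326: // ERROR_LOGON_FAILURE (incorrect user name or password)
                    return BadRequest("Error code : " + ex.NativeErrorCode + " Incorrect username or password");
                case 1327: // ERROR_ACCOUNT_RESTRICTION
                    return BadRequest("Error code : " + ex.NativeErrorCode + " Account restriction");
                case 1330: // ERROR_PASSWORD_EXPIRED
                    return BadRequest("Error code : " + ex.NativeErrorCode + " Password expired");
                case 1331: // ERROR_ACCOUNT_DISABLED
                    return BadRequest("Error code : " + ex.NativeErrorCode + " Account disabled");
                case 1907: // ERROR_PASSWORD_MUST_CHANGE
                    return BadRequest("Error code : " + ex.NativeErrorCode + " Password must change");
                case 1909: // ERROR_ACCOUNT_LOCKED_OUT
                    return BadRequest("Error code : " + ex.NativeErrorCode + " Account locked out");
                default: // Other
                    return BadRequest("An error has occured");
            }
        }
    }
}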
发布于 2018-08-14 02:49:57
不建议在 URL 中发送密码或用户隐私信息(监听网络的人可以看到请求 URL 并窃取用户密码,URL 还常被记录在服务器和代理日志中)。您可以将这些信息放在 POST 请求正文中发送,这样既能避免 URL 编码问题('$' 在 URL 中显示为 %24 只是百分号编码,服务器绑定参数时会自动解码),也更安全;但请求正文本身并不加密,仍需通过 HTTPS 传输。
https://stackoverflow.com/questions/51825610