post 传递参数中包含 html 代码解决办法,js加密,.net解密
今天遇到一个问题,就是用post方式传递参数,程序在vs中完美调试,但是在iis中,就无法运行了,显示传递的参数获取不到,报错了,查看浏览器请求情况,错误500,服务器内部错误,当时第一想法是接收方式有问题,换了无数次接收方式,都没有效,后来在请求情况的,Response中发现,其实根本原因是由于post参数中不能包含html代码,设计到跨域攻击...,所以被禁止了。
微软给出的建议是 ASP.NET Web窗体中禁用请求验证 ,我是没成功,后来我查到其实可以用在前端用js base64加密,后端再用.net base64解密一下就好了,就能完美避过html代码这个问题,情景介绍完毕,下面上代码。
js 加密:
1 function Base64() { 2 3 // private property 4 _keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; 5 6 // public method for encoding 7 this.encode = function (input) { 8 var output = ""; 9 var chr1, chr2, chr3, enc1, enc2, enc3, enc4; 10 var i = 0; 11 input = _utf8_encode(input); 12 while (i < input.length) { 13 chr1 = input.charCodeAt(i++); 14 chr2 = input.charCodeAt(i++); 15 chr3 = input.charCodeAt(i++); 16 enc1 = chr1 >> 2; 17 enc2 = ((chr1 & 3) << 4) | (chr2 >> 4); 18 enc3 = ((chr2 & 15) << 2) | (chr3 >> 6); 19 enc4 = chr3 & 63; 20 if (isNaN(chr2)) { 21 enc3 = enc4 = 64; 22 } else if (isNaN(chr3)) { 23 enc4 = 64; 24 } 25 output = output + 26 _keyStr.charAt(enc1) + _keyStr.charAt(enc2) + 27 _keyStr.charAt(enc3) + _keyStr.charAt(enc4); 28 } 29 return output; 30 } 31 32 // public method for decoding 33 this.decode = function (input) { 34 var output = ""; 35 var chr1, chr2, chr3; 36 var enc1, enc2, enc3, enc4; 37 var i = 0; 38 input = input.replace(/[^A-Za-z0-9\+\/\=]/g, ""); 39 while (i < input.length) { 40 enc1 = _keyStr.indexOf(input.charAt(i++)); 41 enc2 = _keyStr.indexOf(input.charAt(i++)); 42 enc3 = _keyStr.indexOf(input.charAt(i++)); 43 enc4 = _keyStr.indexOf(input.charAt(i++)); 44 chr1 = (enc1 << 2) | (enc2 >> 4); 45 chr2 = ((enc2 & 15) << 4) | (enc3 >> 2); 46 chr3 = ((enc3 & 3) << 6) | enc4; 47 output = output + String.fromCharCode(chr1); 48 if (enc3 != 64) { 49 output = output + String.fromCharCode(chr2); 50 } 51 if (enc4 != 64) { 52 output = output + String.fromCharCode(chr3); 53 } 54 } 55 output = _utf8_decode(output); 56 return output; 57 } 58 59 // private method for UTF-8 encoding 60 _utf8_encode = function (string) { 61 string = string.replace(/\r\n/g, "\n"); 62 var utftext = ""; 63 for (var n = 0; n < string.length; n++) { 64 var c = string.charCodeAt(n); 65 if (c < 128) { 66 utftext += String.fromCharCode(c); 67 } else if ((c > 127) && (c < 2048)) { 68 utftext += String.fromCharCode((c >> 6) | 192); 69 utftext += String.fromCharCode((c & 63) | 128); 70 } else { 71 utftext += String.fromCharCode((c >> 12) | 224); 72 utftext += String.fromCharCode(((c >> 6) & 63) | 128); 73 utftext += String.fromCharCode((c & 63) | 128); 74 } 75 76 } 77 return utftext; 78 } 79 80 // private method for UTF-8 decoding 81 _utf8_decode = function (utftext) { 82 var string = ""; 83 var i = 0; 84 var c = c1 = c2 = 0; 85 while (i < utftext.length) { 86 c = utftext.charCodeAt(i); 87 if (c < 128) { 88 string += String.fromCharCode(c); 89 i++; 90 } else if ((c > 191) && (c < 224)) { 91 c2 = utftext.charCodeAt(i + 1); 92 string += String.fromCharCode(((c & 31) << 6) | (c2 & 63)); 93 i += 2; 94 } else { 95 c2 = utftext.charCodeAt(i + 1); 96 c3 = utftext.charCodeAt(i + 2); 97 string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63)); 98 i += 3; 99 } 100 } 101 return string; 102 } 103 }
使用方式:
1 //1.加密 2 var base = new Base64(); 3 var result = base.encode(str);
.net 解密:
1 /// <summary> 2 /// Base64解密,采用utf8编码方式解密 3 /// </summary> 4 /// <param name="result">待解密的密文</param> 5 /// <returns>解密后的字符串</returns> 6 public static string Base64Decode(string result) 7 { 8 return Base64Decode(Encoding.UTF8, result); 9 }
另外附上js加密的链接地址,可以多学习一下,https://blog.csdn.net/u012369749/article/details/73784897,哈哈,事已至此,问题就解决了。