第1步驟.新建過濾關鍵字實現類:ProcessRequest
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using SaaS.Admin.Base;
namespace SaaS.Admin.Controllers
{
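/// <summary>
/// Request-level keyword filter: scans the values of GET query-string
/// parameters and POST form fields for a fixed list of substrings and, when
/// one is found, answers the request with a small HTML page that names the
/// matched keywords and sends the browser back one history entry.
/// </summary>
/// <remarks>
/// This is a substring deny-list. It also matches inside ordinary words
/// (for example "eval" in a longer word) and rejects any value containing
/// "&amp;", "#" or a quote. It inspects parameter values only, not parameter
/// names, cookies, headers or non-form request bodies, so it does not replace
/// output encoding or parameterised queries in the pages behind it.
/// </remarks>
// NOTE(review): the page shows this class name with a "***" mask in the
// middle; ProcessRequest is the evident original spelling. Confirm against
// the project before relying on it.
public class ProcessRequest
{
    /// <summary>Substrings that cause a request to be rejected.</summary>
    private static readonly string[] BlockedKeywords =
    {
        "javascript", "vbscript", "jscript", "script", "eval", "<", ">", "'", "\"", "&", "#"
    };

    /// <summary>User-facing message: "the parameters contain unsafe characters".</summary>
    private const string UnsafeParameterMessage = "參數存在不安全字符";

    /// <summary>
    /// Checks the current request and ends the response early when a blocked
    /// keyword is present in a GET or POST parameter value.
    /// </summary>
    /// <remarks>
    /// Requests using any verb other than GET or POST are always answered with
    /// the "unsafe characters" alert and a redirect to "/", as in the original.
    /// <c>Response.End()</c> stops further processing of the request.
    /// </remarks>
    public void ProcessCheckkeyWord()
    {
        HttpContext context = HttpContext.Current;
        if (context == null)
        {
            // No request in flight (e.g. called from a background thread).
            return;
        }

        string method = context.Request.HttpMethod;
        if (string.IsNullOrEmpty(method))
        {
            return;
        }

        // The original also read Request.UrlReferrer here, but on the GET and
        // POST paths the value was only used by commented-out code. The Referer
        // header is client-controlled and must not be concatenated into script
        // output, so it is no longer read at all.
        if (string.Equals(method, "GET", StringComparison.OrdinalIgnoreCase))
        {
            RejectIfKeywordFound(context, context.Request.QueryString);
        }
        else if (string.Equals(method, "POST", StringComparison.OrdinalIgnoreCase))
        {
            RejectIfKeywordFound(context, context.Request.Form);
        }
        else
        {
            // NOTE(review): HEAD, PUT, DELETE, OPTIONS, ... are all rejected
            // without looking at their content. Kept for compatibility; an
            // explicit status code may be a better answer for API clients.
            context.Response.Write(
                "<script language=javascript>alert('" + UnsafeParameterMessage
                + "');window.location = '/';</script>");
            context.Response.End();
        }
    }

    /// <summary>
    /// Writes the rejection page and ends the response when any value in
    /// <paramref name="parameters"/> contains a blocked keyword.
    /// </summary>
    private static void RejectIfKeywordFound(
        HttpContext context,
        System.Collections.Specialized.NameValueCollection parameters)
    {
        List<string> found = FindBlockedKeywords(parameters);
        if (found.Count == 0)
        {
            return;
        }

        context.Response.Write(BuildRejectionPage(found));
        context.Response.End();
    }

    /// <summary>
    /// Returns the distinct blocked keywords that occur in the parameter
    /// values, in order of first occurrence.
    /// </summary>
    private static List<string> FindBlockedKeywords(
        System.Collections.Specialized.NameValueCollection parameters)
    {
        List<string> found = new List<string>();
        for (int i = 0; i < parameters.Count; i++)
        {
            string value = parameters.Get(i);

            // The original test (value != "" || !IsNullOrEmpty(value)) let a
            // null value through and then dereferenced it.
            if (string.IsNullOrEmpty(value))
            {
                continue;
            }

            foreach (string keyword in BlockedKeywords)
            {
                // Case-insensitive match: the original lower-cased the keyword
                // (already lower case) instead of the value, so "SCRIPT" or
                // "JavaScript" passed the filter.
                if (value.IndexOf(keyword, StringComparison.OrdinalIgnoreCase) >= 0
                    && !found.Contains(keyword))
                {
                    found.Add(keyword);
                }
            }
        }

        return found;
    }

    /// <summary>
    /// Builds the HTML page that shows the matched keywords in a confirm()
    /// dialog and then navigates back.
    /// </summary>
    private static string BuildRejectionPage(List<string> found)
    {
        string keywordList = string.Join(",", found.ToArray());

        // Per the original comment, ASCII quotes are shown as Chinese quote
        // marks so they cannot close the JavaScript string literal below.
        // NOTE(review): the replacement literals are garbled on the page;
        // confirm the exact characters the project uses.
        keywordList = keywordList.Replace("'", "‘").Replace("\"", "“");

        // Only values from BlockedKeywords reach this point, never request
        // data; the encoding keeps that true if the list is ever extended.
        string encoded = HttpUtility.JavaScriptStringEncode(keywordList);

        StringBuilder page = new StringBuilder();
        page.Append("<html>");
        page.Append("<head>");
        page.Append("<meta charset=\"utf-8\" />");
        page.Append("<script charset='utf-8' Language=Javascript>if( confirm('");
        page.Append(UnsafeParameterMessage);
        page.Append(":");
        page.Append(encoded);
        page.Append("') ) {window.history.back(-1); } else { window.history.back(-1);}</script>");
        page.Append("</head>");
        page.Append("</html>");
        return page.ToString();
    }
}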
}
第2步驟.在頁面 Global.asax 》Global.asax.cs 》 調用ProcessRequest:ProcessCheckkeyWord()
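/// <summary>
/// Runs the project-wide keyword filter at the start of every request that
/// reaches this handler.
/// </summary>
/// <param name="sender">Event source supplied by ASP.NET; not used.</param>
/// <param name="e">Event data supplied by ASP.NET; not used.</param>
protected void Application_BeginRequest(object sender, EventArgs e)
{
    // NOTE(review): the page shows the class name with a "***" mask;
    // ProcessRequest is the evident original spelling. Confirm.
    // ProcessCheckkeyWord ends the response itself when it rejects a request,
    // so nothing further is needed here.
    ProcessRequest process = new ProcessRequest();
    process.ProcessCheckkeyWord();
}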
這樣所有的頁面輸入框有關鍵字輸入都進行過濾提示!注意:此過濾只檢查 GET 的 QueryString 與 POST 的 Form 參數值,不能取代輸出編碼與參數化查詢。