为什么我的查询字符串这么长
本文关键字:字符串 我的 查询 为什么 | 更新日期: 2023-09-27 18:10:30
我正在使用MVC 5,刚刚得到以下消息:
"请求过滤模块配置为拒绝查询字符串过长的请求。"
为什么我的查询字符串这么长?
注意它是如何一遍又一遍地重复同样的信息。我目前正在尝试默认[授权]使用全局过滤,但我没有改变任何在WEB.CONFIG…是什么导致了这种情况?
查询字符串如下:
localhost: 80/个人/账户/登录?ReturnUrl = % 2 fyourapplication % 2 faccount % 2 flogin % 252 fyourapplication freturnurl % 3 d % % 252 faccount % 252 flogin % 253 freturnurl % 253 d % 25252 fyourapplication % 25252 faccount % 25252 flogin % 25252 freturnurl % 25253 d % 2525252 fyourapplication % 2525252 faccount % 2525252 flogin % 2525253 freturnurl % 2525253 d % 2525253 fyourapplication % 252525252 faccount % 252525252 flogin % 252525252 freturnurl % 252525253 d % 25252525252 fyourapplication % 25252525252 faccount % 25252525252 flogin % 25252525253 freturnurl % 25252525253 d % 25252525253 fyourapplication % 2525252525252 faccount % 5252525252 flogin % 5252525252 freturnurl % 2525252525253 d % 252525252525252 fyourapplication % 252525252525252 faccount % 252525252525252 flogin % 252525252525253 freturnurl % 252525252525253 d % 252525252525253 fyourapplication % 25252525252525252 faccount % 25252525252525252 flogin % 25252525252525252 freturnurl % 25252525252525253 d % 2525252525252525252 fyourapplication % 2525252525252525252 faccount % 2525252525252525252 flogin % 2525252525252525253 freturnurl % 2525252525252525253 d % 2525252525252525253 fyourapp申请% 252525252525252525252 faccount % 252525252525252525252 flogin % 252525252525252525253 freturnurl % 252525252525252525253 d % 252525252525252525253 fyourapplication % 252525252525252525253 faccount % 25252525252525252525252 flogin % 25252525252525252525252 freturnurl % 25252525252525252525253 d % 2525252525252525252525252 fyourapplication % 2525252525252525252525252 faccount % 2525252525252525252525252 flogin % 2525252525252525252525253 freturnurl % 2525252525252525252525253 d % 2525252525252525252525253 fyourapplication % 252525252525252525252525252 faccount % 2525252525252525252525252 flogin % 2525252525252525252525252 freturnurl % 252525252525252525252525253 d % 25252525252525252525252525252 fyourapplication % 25252525252525252525252525252 faccount % 25252525252525252525252525252 flogin % 25252525252525252525252525253 freturnurl % 25252525252525252525252525253 d % 25252525252525252525252525253 fyourapplication % 2525252525252525252525252525252 faccount % 2525252525252525252525252525252 flogin % 2525252525252525252525252525252 freturnurl % 2525252525252525252525252525253 d % 252525252525252525252525252525252 fyourapplication % 252525252525252525252525252525252 faccount % 252525252525252525252525252525252 flogin
代码如下:
我正在测试我是否可以在任何地方默认为[授权]& &;仍然有我的自定义错误页面出现。但是,出现上述错误而不是重定向。我在WEB.CONFIG中没有" httpererrors "或"customErrors"条目。
protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
GlobalConfiguration.Configure(WebApiConfig.Register);
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
}
protected void Application_Error(object sender, EventArgs e)
{
var exception = Server.GetLastError();
var httpException = exception as HttpException;
Response.Clear();
Server.ClearError();
var routeData = new RouteData();
routeData.Values["controller"] = "Error";
routeData.Values["action"] = "General";
routeData.Values["exception"] = exception;
Response.StatusCode = 500;
if (httpException != null)
{
Response.StatusCode = httpException.GetHttpCode();
switch (Response.StatusCode)
{
case 403:
routeData.Values["action"] = "Forbidden";
break;
case 404:
routeData.Values["action"] = "NotFound";
break;
case 500:
routeData.Values["action"] = "UnExpected";
break;
}
}
IController errorsController = new ErrorController();
var rc = new RequestContext(new HttpContextWrapper(Context), routeData);
errorsController.Execute(rc);
}
public class FilterConfig
{
#region <Methods>
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
// FORCE: Authorize on all actions (by default)
filters.Add(new AuthorizeAttribute());
}
#endregion
}
// The AUTHORIZE ATTRIBUTE is now defaulted on all actions...so we don't need it here
public class AccountController : BaseController
{
#region <Actions>
[HttpGet]
// The TEST is to see the ERRORS PAGE COME UP so put nothing here
public ActionResult Login(string returnUrl)
{
// The user-call should be redirected to the error page when called...but oddly isn't
}
#endregion
}
[AllowAnonymous]
public class ErrorsController : Controller
{
#region <Actions>
// GET: /Errors/Unexpected
[HttpGet]
[AllowAnonymous]
public ActionResult Unexpected()
{
TraceHandler.TraceIn(TraceLevel.Error);
var unitOfWork = new ApplicationUnitOfWork();
var viewModel = new UnExpectedErrorViewModel(unitOfWork);
Response.StatusCode = (int)viewModel.StatusCode;
Response.TrySkipIisCustomErrors = true;
TraceHandler.TraceOut();
return View(viewModel);
}
// GET: /Errors/Forbidden
[HttpGet]
[AllowAnonymous]
public ActionResult Forbidden()
{
TraceHandler.TraceIn(TraceLevel.Error);
var unitOfWork = new ApplicationUnitOfWork();
var viewModel = new ForbiddenErrorViewModel(unitOfWork);
Response.StatusCode = (int)viewModel.StatusCode;
Response.TrySkipIisCustomErrors = true;
Response.SuppressFormsAuthenticationRedirect = true;
TraceHandler.TraceOut();
return View(viewModel);
}
// GET: /Errors/NotFound
[HttpGet]
[AllowAnonymous]
public ActionResult NotFound()
{
TraceHandler.TraceIn(TraceLevel.Error);
var unitOfWork = new ApplicationUnitOfWork();
var viewModel = new NotFoundErrorViewModel(unitOfWork);
Response.StatusCode = (int)viewModel.StatusCode;
Response.TrySkipIisCustomErrors = true;
TraceHandler.TraceOut();
return View(viewModel);
}
#endregion
}
由于某种原因,您的登录页面将您重定向到登录页面,而登录页面又重定向到登录页面并且…
您是否使用标准的Asp.net MVC登录系统?您更改了哪些配置?是否删除了登录方法上的[AllowAnonymous]属性?
在AccountController上有一个[Authorize]属性,它只允许登录的用户看到所有的操作。显然,对于Login和Register以及应该由匿名用户访问的任何其他方法来说,这是不需要的。
为什么我的查询字符串这么长?
允许用户登录。您的全局[Authorize]过滤器正在检查您是否登录,它发现它为假,并再次将您重定向到登录页面,从而无限重定向,从而每次重定向时增加您的查询字符串。
解决方案是在你想让用户直接访问的方法上添加[AllowAnonymous]属性。在这种情况下,只需在登录方法上添加[AllowAnonymous]属性,就可以了。