服务器不能修改cookies后,HTTP头已发送,如何修复
本文关键字:何修复 HTTP 不能 修改 cookies 服务器 | 更新日期: 2023-09-27 18:15:47
我想自动登录我的用户在主页的page_load如果用户名和密码存在于cookie !
所以我写了下面的代码:
protected void Page_Load(object sender, EventArgs e)
{
LoadDataFromCookieIfExistAndLogin();
}
private void LoadDataFromCookieIfExistAndLogin()
{
string Query = Request.Url.Query.ToString();
string[] Ar_Query = new string[2];
string[] splitter = { "%2f" };
Ar_Query = Query.Split(splitter, System.StringSplitOptions.None);
string[] Ar_new_Query = new string[2];
int minLength = Math.Min(Ar_Query.Length, Ar_new_Query.Length);
Array.Copy(Ar_Query, Ar_new_Query, minLength);
if (string.IsNullOrEmpty(Ar_new_Query[1]))
{
Ar_new_Query[1] = string.Empty;
}
if ((Request.QueryString["ReturnURL"] != null) && (Ar_new_Query[1].ToString().ToUpper() == "ADMIN"))
{
Session.Clear();
FormsAuthentication.SignOut();
}
else if ((Request.QueryString["ReturnURL"] != null) && (Ar_new_Query[1].ToString().ToUpper() == "ELMAH.AXD"))
{
Session.Clear();
FormsAuthentication.SignOut();
}
else
{
HttpCookie Situation_Cookie = Request.Cookies["Situation"];
if (Situation_Cookie != null)
{
if (Situation_Cookie["Login"] == "Yes")
{
HttpCookie Data_Cookie = Request.Cookies["Data"];
if (Data_Cookie != null)
{
string UserName = Data_Cookie["UserName"].ToString();
string PassWord = ata_Cookie["PassWord"].ToString();
string HashedPass = FormsAuthentication.HashPasswordForStoringInConfigFile(PassWord, "MD5");
DataSet dsUsers = DataLayer.Users.SelectRowForLogin_FromCookie(UserName, HashedPass);
if (dsUsers.Tables["Users"].Rows.Count > 0)
{
DataRow drUsers = dsUsers.Tables["Users"].Rows[0];
if (Session["User_ID"] == null)
{
Session["UserName"] = UserName;
Session["Password"] = PassWord;
Session["User_ID"] = drUsers["ID"].ToString();
Session["UserType_ID"] = drUsers["UserType_ID"].ToString();
DataLayer.OnlineUsers.UpdateRow_UserID_By_SessionID(
Session["User_ID"],
Session.SessionID);
}
if (!HttpContext.Current.User.Identity.IsAuthenticated)
{
FormsAuthentication.SetAuthCookie(drUsers["ID"].ToString(), true);
}
}
}
}
}
}
}
也为了解我的登录码,我使用RoleProvider如下:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Data;
namespace NiceFileExplorer.Classes
{
public class NiceFileExplorerRoleProvider : RoleProvider
{
public override void AddUsersToRoles(string[] usernames, string[] roleNames)
{
throw new NotImplementedException();
}
public override string ApplicationName
{
get
{
throw new NotImplementedException();
}
set
{
throw new NotImplementedException();
}
}
public override void CreateRole(string roleName)
{
throw new NotImplementedException();
}
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
{
throw new NotImplementedException();
}
public override string[] FindUsersInRole(string roleName, string usernameToMatch)
{
throw new NotImplementedException();
}
public override string[] GetAllRoles()
{
throw new NotImplementedException();
}
//public override string[] GetRolesForUser(string username)
public override string[] GetRolesForUser(string User_ID)
{
string[] UserTypes = new string[1];
DataSet dsUser = DataLayer.Users.SelectRowWithUserTypeInfo(int.Parse(User_ID));
if (dsUser.Tables["Users"].Rows.Count > 0)
{
DataRow drUser = dsUser.Tables["Users"].Rows[0];
UserTypes[0] = drUser["Name"].ToString();
}
if (User_ID == "-255")
{
UserTypes[0] = "Administrators";
}
return UserTypes;
}
public override string[] GetUsersInRole(string roleName)
{
throw new NotImplementedException();
}
public override bool IsUserInRole(string username, string roleName)
{
throw new NotImplementedException();
}
public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
{
throw new NotImplementedException();
}
public override bool RoleExists(string roleName)
{
throw new NotImplementedException();
}
}
}
有时会出现以下错误:
包含。HttpException:发送HTTP报头后,服务器无法修改cookie。
System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.Web.HttpException (0x80004005): Server cannot modify cookies after HTTP headers have been sent.
at System.Web.HttpCookieCollection.Add(HttpCookie cookie)
at System.Web.Security.FormsAuthentication.SetAuthCookie(String userName, Boolean createPersistentCookie, String strCookiePath)
at NiceFileExplorer.en.Site1.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
似乎问题出在下面一行:
FormsAuthentication.SetAuthCookie (drUsers (" ID ") .ToString(),真的);
这个错误意味着什么,我该如何防止它?
"System.Web. "HttpException:发送HTTP报头后,服务器无法修改cookie。"
该错误表明您正在尝试在http响应完成后修改cookie。
我认为问题是你在执行后试图修改cookieFormsAuthentication.SignOut () .
根据MSDN,这是当SignOut()方法被调用时发生的事情
当调用SignOut方法时,通过调用redirect方法将endResponse参数设置为false来重定向到应用程序的登录页面。直到当前页完成执行后才会进行重定向,因此可以运行其他代码。如果代码不包含显式重定向到另一个页面,则将用户重定向到应用程序配置文件中配置的登录页面。
所以你试图在重定向发生后修改cookie。您可以通过在重定向之前设置cookie值来避免此错误。
如果您使用的是ASP。Net标准表单身份验证,如果您使用持久cookie,则此功能可用于表单身份验证。在这里查看MSDN文章。检查文档中的"创建表单认证Cookie"一节。
你不需要保持用户名'密码组合是cookie。这不是一个好的做法,因为任何人都可以从cookie中嗅出这个用户名/密码。我强烈建议您阅读上述文章,以了解表单身份验证是如何工作的。
为了快速测试,我已经清除了我的浏览器历史记录,并且在我的端工作得很好。