Change Or Remove HttpRequest Input Arguments In HttpModule
Jan 17, 2011
Is it possible to change or remove http request form inputs in an httpmodule? My goal is to create a security IHttpmodule that will check the request for reasonable values, such as limits on acceptable input and query parameter length, or use the AntiXSS Sanitizer to remove threats, log potential hack attempts, etc. before a request is passed on to a processor.
Because this is a cross cutting concern I'd prefer to find a solution that applies to all requests and affects all ways request values could be accessed, Reqest.Form, Action(model), Action(FormCollection), HttpContext.Current.Request.Form, etc. I'm using MVC and have considered creating custom model binders to clean the data before creating the model instance. But that would be application specific, require remembering to register every model binder and only apply to Action(model).
View 1 Replies
Similar Messages:
Jul 15, 2010
I'm writing unit tests in ASP.NET 4.0 web application (ASP.NET Forms, not MVC). There are several spots in the code where I call the ServerVariables collection to call variables like REMOTE_ADDR. Since my unit tests do not actually initiate HttpRequests when executing my code, things like ServerVariables are Null and therefore error when I try to call HttpContext.Current.Request.ServerVariables("REMOTE_ADDR")
All the solutions I've found to address this issue refer to MVC and so they assume that HttpRequest derives from HttpRequestBase, which it does in MVC but not in ASP.NET Forms.I tried using Moq but you can't mock a sealed class, and HttpRequest is unfortunately sealed with no interface.
View 1 Replies
May 31, 2010
the purpose of this HttpModule? It's showing up on my HttpModuleCollection list, but I don't know what's it's for.System.ServiceModel.Activation.HttpModule
View 3 Replies
Aug 20, 2010
I'm using Josh Bush's MaskedInput plugin for jQuery in an ASP.NET 3.5 Webform app. How to get rid from the literals in the code-behind file after form submit? E.g: a phone input with the mask $("#txtPhone").mask("(99)9999-9999");
In the code-behind:
string customerPhone = txtPhone.Text
Which returns me: (12)3456-7890
But this is what I want: 1234567890
In the plugins changelog page it says I can use mask() method with no arguments to archieve this. But how to do it from the code-behind?!
EDIT
I want to send to the server the unmasked value. How to do that?
View 3 Replies
Feb 9, 2010
I have a matadataclass which I use to show my table individually. No I have the problem that I want to have a kind of input format for my date field like: yyyy/MM/dd and not the german format I'm using on my SQL Server. I already learned from the video that I have to change the display format to show it on my main page. I want to see the two " / " as akind of mask. Sorry for my bad english.
[DisplayFormat(DataFormatString="{0:yyyy-MM-dd}")]
[DisplayName("Delivery Date:")]
public object deliveryDate { get; set; }
Maybe I need a kind of "input validation"? I need the same for my IP field. I have a IP field to add the IP address of a system into my inventory database there I want to have the 3 dots xxx. xxx . xxx . xxx and the range per tree letters from 0-255.
[ColumnOrder(190)]
[DisplayName("Production IP Address:")]
public object IP1 { get; set; }
View 3 Replies
May 31, 2010
I've read posts here and on Google telling me I need to set the style by hand onfocus() and onblur(). However, everything I try isn't working!
Here is my jQuery
$(document).ready(function(){
if (jQuery.browser.msie === true) {
$("input.date-picker").each(function(i)
{
var $foo= $(this);
$foo.bind('onfocus onblur', function() {
$(this).toggleClass('smalltxt-active');
});
});
}//end if
});
The a corresponding box
<input name="ctl00$SelectionContent$Selections1$txtDestinationDate" type="text"
id="ctl00_SelectionContent_Selections1_txtDestinationDate" class="date-picker"
style="width:80px;" />
I have already confirmed that my code is detecting MSIE. That I am getting a count of 2 input.date-picker objects.
View 2 Replies
Aug 6, 2010
I have a masterpage and I wrote metatags in masterpage.master.cs. In the category page which is generated from the masterpage every category has their own metatags. When the user visits category.aspx I want to change the metatags. All metatags are dynamically created and they don't have an id or runat because I create them dynamically with a for loop (reading data from the db). So I can't change title of the page and metatags. How can I do this?
View 4 Replies
Feb 15, 2011
This is probably embarrassingly easy, but I've having problems getting this to work.
On ResidentAddress.aspx, I have 2 user controls (AppName.ascx and NavButtons.ascx). When a textbox in AppName.ascx has focus, I want to update a hidden input field on NavButtons.ascx with the value of "TRUE". In the codebehind page for NavButtons, I want to see what the value of this hidden input filed is.
This is what I have so far:
NavButtons.ascx
<input type="hidden" id="IpChangeFlag" name="ChangeFlag" runat="server" value="FALSE" />
AppName.ascx
<asp:TextBox ID="txtFirstName" runat="server" onFocus="document.getElementsByName('ChangeFlag').value='TRUE';">
NavButtons.ascx.vb
If IpChangeMade.Value.Trim.ToUpper = "TRUE" Then
MyValue = true
End If
I am unable to change the value of ipChangeFlad. It always has the value of FALSE.
View 1 Replies
May 29, 2010
I've a text area in my application. I want to programatically set the input language for the text area alone without affecting other controls.
View 1 Replies
Feb 28, 2010
I'm trying change an input mask for textbox when the the check box has been check or unckecked but the problem that always is picking up the else condation only even the check box it is check or not.
here is my code:
<%@ Page Title="" Language="C#" MasterPageFile="~/Imam.Master" AutoEventWireup="true"
CodeBehind="WebForm4.aspx.cs" Inherits="Imam_Contacts.WebForm4" %>
<asp:Content ID="Content1" ContentPlaceHolderID="head" runat="server"> [code]...
View 3 Replies
Aug 13, 2010
I'm using Data Annotations and Metadata attributes in my models to do automatic validations on my forms. Any who, I've got a problem where I have an int field I need to change the error when a letter is entered. Im guetting the default error: "The value 'A' is not valid for NĂºmero.". But since this is a spanish web, i need to change the error to something in spansih. Any who, I cant find where to change the ErrorMessage="" to what I need.
View 11 Replies
Mar 27, 2011
I have a textboxes which I need to have a value of zero unless it is changed by the person filling out the form. So I have done this: In the page load
[Code]....
which makes the textboxes zero when the page loads. The problem is that when the form is inserted to the database it is not populating the field with a changed amount, but making it zero. I need to somehow tell it to ignore the zero fill command from the pageload. I think I have to use OnTextChange but am not sure how. This is what I have tried
[Code]....
What to make the "" I think is the problem
View 10 Replies
Jan 12, 2010
We have to ASP.NET applications, one in 1.1 and one in 3.5. In order to log our errors in the same location we are going to create a WebService that the 1.1 app can call. If I include an HttpRequest as one of the parameters to the webservice, will there be a versioning problem?
View 1 Replies
Jan 10, 2011
I have to fill a date 00010101 into the text box on page load.But after loading it automatically change to 19010101 Min year is not 0001 How can i input 0001 as year
[Code]....
View 4 Replies
Jan 29, 2010
I'm want to run a "background job" in my ASP.NET application (periodically, as separate thread). And I need host name (DNS name or IP) to do my tasks. The problem - HttpContext.Current may be not available here (it's NULL).
Is there any way to get a host name in not using HttpContext.Current.Request.Url.Host.
View 3 Replies
Aug 11, 2010
I'm going to try to use the WebClient object in .NET to grab the response querystring values sent back by the resource.
I'm familiar with grabbing xml, json, etc. but typically I haven't worked with many NVP type of APIs in terms of grabbing the query immediately from an response sent back from a resource server-side. So how is a query sent back, in the body of a response, header, what? How do you grab it, with the stream object just like you do anything else? This questions relates to the environment I work in C# but really it relates to the web as a whole as well which is why I tagged this in multiple categories as a Request/Response is not MS specific however I am also at the same time trying to utilize the .NET WebClient object.
View 1 Replies
Oct 1, 2010
I have a page web method, and I need to get access to the headers, and particularly the uploaded files. Is this possible? Can a web method receive a file?If not, what would you recommend to upload files without post back? I am using the jQuery forms library that has support for this (and I have had it working with Django), however, I am having a hard time finding answers on how to do this with ASP.NET.
View 2 Replies
Jan 7, 2010
I'm creating HttpContext "by hands" (see [URL]. Does somebody know how can I populate HttpRequest.Browser class's properties (the HttpRequest.Browser.Browser one)? Unfortunately, the HttpBrowserCapabilities class has no the appropriate setter and adding the corresponding http header to the request gives no result.
View 1 Replies
Dec 10, 2010
I have a form on an HTML page that a user needs to use to upload a file which posts to an ASPX page. In the code behind, I want to test if a file has actually been loaded.
if (Request.Files.Count > 0)
{
DoStuff(Request.Files[0]);
}
else
{
throw new Exception("A CSV file must be selected for upload.");
}
I am never getting to the else. Is this just how ASP.NET operates? If I have a input element of type file, is it always going to upload a "file" even if one is not selected? What's the proper way to do this? Maybe this?
if (Request.Files.Count > 0 && Request.Files[0].ContentLength > 0)
{
DoStuff(Request.Files[0]);
}
else
{
throw new Exception("A CSV file must be selected for upload.");
}
View 3 Replies
May 18, 2010
I'm trying to fix an issue with an application I'm supporting (I didn't write the code). The code takes an SSRS report and renders it in pdf format. Users are sporadically getting the error indicated in the title. There is no rhyme or reason to when the error is generated (a particular report will run one time and throw the error the next). The code is below.
Public Sub OpenReport()
Dim MyParms As New Generic.List(Of ReportParameter)
Dim mimeType As String = Nothing
Dim encoding As String = Nothing
Dim extension As String = Nothing
Dim deviceInfo As String = Nothing
Dim streamids() As String = Nothing
Dim warnings As Microsoft.Reporting.WebForms.Warning() = Nothing
Dim bytes() As Byte
Dim format As String = "PDF" ''#to open the report in pdf; report viewer invisible
Try
If dropReports.SelectedItem.Value = "1" Then
If Session("IsBDAP") = True Then
MyParms.Add(New ReportParameter("SCAId", dropSCA.SelectedItem.Value, False))
Else
MyParms.Add(New ReportParameter("SCAId", Server.UrlEncode(Session("SCAId")), False))
End If
MyParms.Add(New ReportParameter("ProviderId", dropProvider.SelectedItem.Value, False))
If dropVisit.Visible = True Then
MyParms.Add(New ReportParameter("VisitId", dropVisit.SelectedItem.Value, False))
End If
MyParms.Add(New ReportParameter("FY", dropContractFY.SelectedItem.Value, False))
ReportViewer1.ProcessingMode = ProcessingMode.Remote
ReportViewer1.ServerReport.ReportServerUrl = New Uri(System.Configuration.ConfigurationManager.AppSettings("ReportServerURI"))
ReportViewer1.ServerReport.ReportPath = Session("ReportsFolder") & "MReport"
ReportViewer1.ServerReport.ReportServerCredentials = New MyReportServerCredentials()
ReportViewer1.ServerReport.SetParameters(MyParms)
''#Code to convert the report to pdf
deviceInfo = "<DeviceInfo>" + "<SimplePageHeaders>True</SimplePageHeaders>" + "</DeviceInfo>"
bytes = ReportViewer1.ServerReport.Render(format, deviceInfo, mimeType, encoding, extension, streamids, warnings)
Dim size As Integer = bytes.Length
ReportViewer1.ServerReport.Refresh()
Response.Buffer = True
Response.Clear()
Response.ContentType = mimeType
Response.AddHeader("content-disposition", "attachment; filename=MReport." + extension)
Response.BinaryWrite(bytes)
ElseIf dropReports.SelectedItem.Value = "2" Then
If Session("IsBDAP") = True Then
MyParms.Add(New ReportParameter("SCAId", dropSCA.SelectedItem.Value, False))
Else
MyParms.Add(New ReportParameter("SCAId", Server.UrlEncode(Session("SCAId")), False))
End If
MyParms.Add(New ReportParameter("ProviderId", dropProvider.SelectedItem.Value, False))
If dropVisit.Visible = True Then
MyParms.Add(New ReportParameter("FollowUpVisitId", dropVisit.SelectedItem.Value, False))
End If
MyParms.Add(New ReportParameter("FY", dropContractFY.SelectedItem.Value, False))
ReportViewer1.ProcessingMode = ProcessingMode.Remote
ReportViewer1.ServerReport.ReportServerUrl = New Uri(System.Configuration.ConfigurationManager.AppSettings("ReportServerURI"))
ReportViewer1.ServerReport.ReportPath = Session("ReportsFolder") & "FReport"
ReportViewer1.ServerReport.ReportServerCredentials = New MyReportServerCredentials()
ReportViewer1.ServerReport.SetParameters(MyParms)
''#Code to convert the report to pdf
deviceInfo = "<DeviceInfo>" + "<SimplePageHeaders>True</SimplePageHeaders>" + "</DeviceInfo>"
bytes = ReportViewer1.ServerReport.Render(format, deviceInfo, mimeType, encoding, extension, streamids, warnings)
ReportViewer1.ServerReport.Refresh()
Response.Buffer = True
Response.Clear()
Response.ContentType = mimeType
Response.AddHeader("content-disposition", "attachment; filename=FReport." + extension)
Response.BinaryWrite(bytes)
I read that the default length limit is 4MB. None of the reports by themselves are even over 350K. I'm wondering if this could be caused by a caching issue. I'm not an expert, so I need some guidance as to how best to solve the problem. I also want to understand why the issue is happening. note that only 2 reports are shown in the snippet - there are about 30+ reports in the full sub. edit - I tried the proposed solution, but it didn't help (I also tried the Fiddler route, but did not see anything glaring). I thought it might be best to clarify. The reports will run fine for a while, but the execution time gradually gets slower and slower until the application eventually displays the error.
View 3 Replies
Jan 28, 2010
The HttpRequest class defines two properties:
HttpMethod:
Gets the HTTP data transfer method (such as GET, POST, or HEAD) used by the client.
public string HttpMethod { get; }
The HTTP data transfer method used by the client.
and RequestType:
Gets or sets the HTTP data transfer method (GET or POST) used by the client. public string RequestType { get; set; } A string representing the HTTP invocation type sent by the client.What is the difference between these two properties? When would i want to use one over the other? Which is the proper one to inspect to see what data transfer method was used by the client?The documentation indicates that HttpMethod will return whatever verb was used: such as GET, POST, or HEAD while the documentation on RequestType seems to indicate only one of two possible values: i test with a random sampling of verbs, and both properties seem to support all verbs, and both return the same values:
Testing:
Client Used HttpMethod RequestType
GET GET GET
POST POST POST
HEAD HEAD HEAD
CONNECT CONNECT CONNECT
MKCOL MKCOL MKCOL
PUT PUT PUT
FOOTEST FOOTEST FOOTEST
What is the difference between:
HttpRequest.HttpMethod
HttpRequest.RequestType
and when should i use one over the other? Keywords: iis asp.net http httprequest httphandler
View 2 Replies
Feb 18, 2010
Is there a way to get the raw response header and body from the HttpRequest.Response object for debugging when issues arrise?
View 4 Replies
Aug 17, 2010
Anyway I can get the object of HTTPRequest? From View or Action? What I want is to read the logon user name and its email address from active directory.
View 1 Replies
Jun 3, 2010
I use HttpRequest, when there is a SOAP fault, I get 500 error. I read that you can get the SOAP fault info in the response stream, but when there is a 500 error, how do you get the response stream?
View 1 Replies
Jul 7, 2010
here Im trying to write a test can I mock a HttpRequestBase to return post values like this? please help as its quite urgent, how can I acheive this?
var collection = new NameValueCollection();
collection.Add("Id", "1");
collection.Add("UserName", "");
[code]...
View 1 Replies