为什么我的查询字符串很长?

我正在使用MVC 5,并且刚刚收到以下消息:

“请求过滤模块被配置为拒绝查询字符串太长的请求。”

为什么我的查询字符串很长?
注意它是如何重复地重复相同的信息。 我目前正在尝试使用全局过滤来默认[Authorize],但是我没有改变WEB.CONFIG中的任何内容......这会导致什么?

QUERY STRING LOKS LIKE:
本地主机:80 / yourapplication /帐户/登录RETURNURL =%2Fyourapplication%2Faccount%2Flogin%3FReturnUrl%3D%252Fyourapplication%252Faccount%252Flogin%253FReturnUrl%253D%25252Fyourapplication%25252Faccount%25252Flogin%25253FReturnUrl%25253D%2525252Fyourapplication%2525252Faccount%2525252Flogin%2525253FReturnUrl %2525253D%252525252Fyourapplication%252525252Faccount%252525252Flogin%252525253FReturnUrl%252525253D%25252525252Fyourapplication%25252525252Faccount%25252525252Flogin%25252525253FReturnUrl%25252525253D%2525252525252Fyourapplication%2525252525252Faccount%2525252525252Flogin%2525252525253FReturnUrl%2525252525253D%252525252525252Fyourapplication%252525252525252Faccount%252525252525252Flogin%252525252525253FReturnUrl%252525252525253D%25252525252525252Fyourapplication%25252525252525252Faccount%25252525252525252Flogin%25252525252525253FReturnUrl %25252525252525253D%2525252525252525252Fyourapplication%2525252525252525252Faccount%2525252525252525252Flogin%2525252525252525253FReturnUrl%2525252 525252525253D%252525252525252525252Fyourapplication%252525252525252525252Faccount%252525252525252525252Flogin%252525252525252525253FReturnUrl%252525252525252525253D%25252525252525252525252Fyourapplication%25252525252525252525252Faccount%25252525252525252525252Flogin%25252525252525252525253FReturnUrl%25252525252525252525253D%2525252525252525252525252Fyourapplication%2525252525252525252525252Faccount%2525252525252525252525252Flogin%2525252525252525252525253FReturnUrl%2525252525252525252525253D%252525252525252525252525252Fyourapplication%252525252525252525252525252Faccount%252525252525252525252525252Flogin%252525252525252525252525253FReturnUrl%252525252525252525252525253D%25252525252525252525252525252Fyourapplication%25252525252525252525252525252Faccount%25252525252525252525252525252Flogin%25252525252525252525252525253FReturnUrl% 25252525252525252525252525253D%2525252525252525252525252525252Fyourapplication%2525252525252525252525252525252Faccount%2525252525252525252525252525252Flogin%25252 52525252525252525252525253FReturnUrl%2525252525252525252525252525253D%252525252525252525252525252525252Fyourapplication%252525252525252525252525252525252Faccount%252525252525252525252525252525252Flogin

代码看起来像:
我正在测试以查看是否可以在任何地方默认[授权],并仍然出现我的自定义错误页面。 但是,上述错误出现而不是重定向。 我在WEB.CONFIG中没有“httpErrors”或“customErrors”条目。

protected void Application_Start()
{
    AreaRegistration.RegisterAllAreas();
    GlobalConfiguration.Configure(WebApiConfig.Register);
    FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
    RouteConfig.RegisterRoutes(RouteTable.Routes);
    BundleConfig.RegisterBundles(BundleTable.Bundles);
}

protected void Application_Error(object sender, EventArgs e)
{
    var exception = Server.GetLastError();
    var httpException = exception as HttpException;
    Response.Clear();
    Server.ClearError();
    var routeData = new RouteData();
    routeData.Values["controller"] = "Error";
    routeData.Values["action"] = "General";
    routeData.Values["exception"] = exception;
    Response.StatusCode = 500;
    if (httpException != null)
    {
        Response.StatusCode = httpException.GetHttpCode();
        switch (Response.StatusCode)
        {
            case 403:
                routeData.Values["action"] = "Forbidden";
                break;

            case 404:
                routeData.Values["action"] = "NotFound";
                break;

           case 500:
                routeData.Values["action"] = "UnExpected";
                break;
        }
    }

    IController errorsController = new ErrorController();
    var rc = new RequestContext(new HttpContextWrapper(Context), routeData);
    errorsController.Execute(rc);
}

public class FilterConfig
{
    #region <Methods>

    public static void RegisterGlobalFilters(GlobalFilterCollection filters)
    {
        // FORCE: Authorize on all actions (by default)
        filters.Add(new AuthorizeAttribute());
    }

    #endregion
}

// The AUTHORIZE ATTRIBUTE is now defaulted on all actions...so we don't need it here
public class AccountController : BaseController
{
    #region <Actions>

    [HttpGet]
    // The TEST is to see the ERRORS PAGE COME UP so put nothing here
    public ActionResult Login(string returnUrl)
    {
        // The user-call should be redirected to the error page when called...but oddly isn't
    }

    #endregion
}

[AllowAnonymous]
public class ErrorsController : Controller
{
    #region <Actions>

    // GET: /Errors/Unexpected
    [HttpGet]
    [AllowAnonymous]
    public ActionResult Unexpected()
    {
        TraceHandler.TraceIn(TraceLevel.Error);

        var unitOfWork = new ApplicationUnitOfWork();
        var viewModel = new UnExpectedErrorViewModel(unitOfWork);

        Response.StatusCode = (int)viewModel.StatusCode;
        Response.TrySkipIisCustomErrors = true;

        TraceHandler.TraceOut();
        return View(viewModel);
    }

    // GET: /Errors/Forbidden
    [HttpGet]
    [AllowAnonymous]
    public ActionResult Forbidden()
    {
        TraceHandler.TraceIn(TraceLevel.Error);

        var unitOfWork = new ApplicationUnitOfWork();
        var viewModel = new ForbiddenErrorViewModel(unitOfWork);

        Response.StatusCode = (int)viewModel.StatusCode;
        Response.TrySkipIisCustomErrors = true;
        Response.SuppressFormsAuthenticationRedirect = true;

        TraceHandler.TraceOut();
        return View(viewModel);
    }

    // GET: /Errors/NotFound
    [HttpGet]
    [AllowAnonymous]
    public ActionResult NotFound()
    {
        TraceHandler.TraceIn(TraceLevel.Error);

        var unitOfWork = new ApplicationUnitOfWork();
        var viewModel = new NotFoundErrorViewModel(unitOfWork);

        Response.StatusCode = (int)viewModel.StatusCode;
        Response.TrySkipIisCustomErrors = true;

        TraceHandler.TraceOut();
        return View(viewModel);
    }

    #endregion
}

出于某种原因,您的登录页面正在将您重定向到登录页面,而该页面又被重定向到登录页面并...

您是否使用标准的Asp.net MVC登录系统? 你改变了什么配置? 您是否在登录方法中删除了[AllowAnonymous]属性?

AccountController上有一个[Authorize]属性,它只允许登录用户查看所有操作。 显然, LoginRegister以及匿名用户应该访问的任何其他方法都不希望这样做。


为什么我的查询字符串很长?

允许用户登录。 您的全局[Authorize]过滤器正在检查您是否登录,它发现它为假,并再次将您重定向到登录页面,从而无限重定向,因此每次重定向时都会增加您的查询字符串。

解决方案是在您希望用户直接访问的方法上添加[AllowAnonymous]属性。 在这种情况下,只需在登录方法中添加[AllowAnonymous]属性,即可。

链接地址: http://www.djcxy.com/p/42083.html

上一篇: Why is my query string so long?

下一篇: ASP.NET MVC Windows Authentication refusing to work