为什么我的查询字符串很长?
我正在使用MVC 5,并且刚刚收到以下消息:
“请求过滤模块被配置为拒绝查询字符串太长的请求。”
为什么我的查询字符串很长?
注意它是如何重复地重复相同的信息。 我目前正在尝试使用全局过滤来默认[Authorize],但是我没有改变WEB.CONFIG中的任何内容......这会导致什么?
QUERY STRING LOKS LIKE:
本地主机:80 / yourapplication /帐户/登录RETURNURL =%2Fyourapplication%2Faccount%2Flogin%3FReturnUrl%3D%252Fyourapplication%252Faccount%252Flogin%253FReturnUrl%253D%25252Fyourapplication%25252Faccount%25252Flogin%25253FReturnUrl%25253D%2525252Fyourapplication%2525252Faccount%2525252Flogin%2525253FReturnUrl %2525253D%252525252Fyourapplication%252525252Faccount%252525252Flogin%252525253FReturnUrl%252525253D%25252525252Fyourapplication%25252525252Faccount%25252525252Flogin%25252525253FReturnUrl%25252525253D%2525252525252Fyourapplication%2525252525252Faccount%2525252525252Flogin%2525252525253FReturnUrl%2525252525253D%252525252525252Fyourapplication%252525252525252Faccount%252525252525252Flogin%252525252525253FReturnUrl%252525252525253D%25252525252525252Fyourapplication%25252525252525252Faccount%25252525252525252Flogin%25252525252525253FReturnUrl %25252525252525253D%2525252525252525252Fyourapplication%2525252525252525252Faccount%2525252525252525252Flogin%2525252525252525253FReturnUrl%2525252 525252525253D%252525252525252525252Fyourapplication%252525252525252525252Faccount%252525252525252525252Flogin%252525252525252525253FReturnUrl%252525252525252525253D%25252525252525252525252Fyourapplication%25252525252525252525252Faccount%25252525252525252525252Flogin%25252525252525252525253FReturnUrl%25252525252525252525253D%2525252525252525252525252Fyourapplication%2525252525252525252525252Faccount%2525252525252525252525252Flogin%2525252525252525252525253FReturnUrl%2525252525252525252525253D%252525252525252525252525252Fyourapplication%252525252525252525252525252Faccount%252525252525252525252525252Flogin%252525252525252525252525253FReturnUrl%252525252525252525252525253D%25252525252525252525252525252Fyourapplication%25252525252525252525252525252Faccount%25252525252525252525252525252Flogin%25252525252525252525252525253FReturnUrl% 25252525252525252525252525253D%2525252525252525252525252525252Fyourapplication%2525252525252525252525252525252Faccount%2525252525252525252525252525252Flogin%25252 52525252525252525252525253FReturnUrl%2525252525252525252525252525253D%252525252525252525252525252525252Fyourapplication%252525252525252525252525252525252Faccount%252525252525252525252525252525252Flogin
代码看起来像:
我正在测试以查看是否可以在任何地方默认[授权],并仍然出现我的自定义错误页面。 但是,上述错误出现而不是重定向。 我在WEB.CONFIG中没有“httpErrors”或“customErrors”条目。
protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
GlobalConfiguration.Configure(WebApiConfig.Register);
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
}
protected void Application_Error(object sender, EventArgs e)
{
var exception = Server.GetLastError();
var httpException = exception as HttpException;
Response.Clear();
Server.ClearError();
var routeData = new RouteData();
routeData.Values["controller"] = "Error";
routeData.Values["action"] = "General";
routeData.Values["exception"] = exception;
Response.StatusCode = 500;
if (httpException != null)
{
Response.StatusCode = httpException.GetHttpCode();
switch (Response.StatusCode)
{
case 403:
routeData.Values["action"] = "Forbidden";
break;
case 404:
routeData.Values["action"] = "NotFound";
break;
case 500:
routeData.Values["action"] = "UnExpected";
break;
}
}
IController errorsController = new ErrorController();
var rc = new RequestContext(new HttpContextWrapper(Context), routeData);
errorsController.Execute(rc);
}
public class FilterConfig
{
#region <Methods>
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
// FORCE: Authorize on all actions (by default)
filters.Add(new AuthorizeAttribute());
}
#endregion
}
// The AUTHORIZE ATTRIBUTE is now defaulted on all actions...so we don't need it here
public class AccountController : BaseController
{
#region <Actions>
[HttpGet]
// The TEST is to see the ERRORS PAGE COME UP so put nothing here
public ActionResult Login(string returnUrl)
{
// The user-call should be redirected to the error page when called...but oddly isn't
}
#endregion
}
[AllowAnonymous]
public class ErrorsController : Controller
{
#region <Actions>
// GET: /Errors/Unexpected
[HttpGet]
[AllowAnonymous]
public ActionResult Unexpected()
{
TraceHandler.TraceIn(TraceLevel.Error);
var unitOfWork = new ApplicationUnitOfWork();
var viewModel = new UnExpectedErrorViewModel(unitOfWork);
Response.StatusCode = (int)viewModel.StatusCode;
Response.TrySkipIisCustomErrors = true;
TraceHandler.TraceOut();
return View(viewModel);
}
// GET: /Errors/Forbidden
[HttpGet]
[AllowAnonymous]
public ActionResult Forbidden()
{
TraceHandler.TraceIn(TraceLevel.Error);
var unitOfWork = new ApplicationUnitOfWork();
var viewModel = new ForbiddenErrorViewModel(unitOfWork);
Response.StatusCode = (int)viewModel.StatusCode;
Response.TrySkipIisCustomErrors = true;
Response.SuppressFormsAuthenticationRedirect = true;
TraceHandler.TraceOut();
return View(viewModel);
}
// GET: /Errors/NotFound
[HttpGet]
[AllowAnonymous]
public ActionResult NotFound()
{
TraceHandler.TraceIn(TraceLevel.Error);
var unitOfWork = new ApplicationUnitOfWork();
var viewModel = new NotFoundErrorViewModel(unitOfWork);
Response.StatusCode = (int)viewModel.StatusCode;
Response.TrySkipIisCustomErrors = true;
TraceHandler.TraceOut();
return View(viewModel);
}
#endregion
}
出于某种原因,您的登录页面正在将您重定向到登录页面,而该页面又被重定向到登录页面并...
您是否使用标准的Asp.net MVC登录系统? 你改变了什么配置? 您是否在登录方法中删除了[AllowAnonymous]
属性?
AccountController
上有一个[Authorize]
属性,它只允许登录用户查看所有操作。 显然, Login
和Register
以及匿名用户应该访问的任何其他方法都不希望这样做。
为什么我的查询字符串很长?
允许用户登录。 您的全局[Authorize]
过滤器正在检查您是否登录,它发现它为假,并再次将您重定向到登录页面,从而无限重定向,因此每次重定向时都会增加您的查询字符串。
解决方案是在您希望用户直接访问的方法上添加[AllowAnonymous]
属性。 在这种情况下,只需在登录方法中添加[AllowAnonymous]
属性,即可。