在发送电子邮件之前扫描asp.net页面... [英] scan a asp.net page before send a email...

问题描述

亲爱的所有人，
我有一个应用程序，在填写了asp.net页面后，单击应用"按钮，电子邮件将被触发.是否有可能在单击应用"按钮之后并且在被触发电子邮件之前，用防病毒软件扫描该页面.如果可能，请回复我带有C#代码n方向/建议.如果需要更多信息，请告诉我.


谢谢，
Avijit

Dear all,
i am having an application where after fill up the asp.net page click on apply button and email will fire.is it possible that after clicked on apply button and before fired email,scan that page with anti-virus.if possible please reply me with c# code n direction/suggestions.if more information required please let me know.


Thanks,
Avijit

推荐答案

这是一个愚蠢的问题.您的网页中不能包含病毒，除非您在其中放置了病毒.如果您的服务器没有病毒，那么为什么您的网页上只有一个病毒?似乎您不知道什么是病毒，什么是ASP.NET，病毒如何工作等.在服务器上运行防病毒功能，这是您需要做的所有事情，除非您要附加用户文件提供您的电子邮件.在这种情况下，您需要扫描文件，而不是asp.net页面.

This is a stupid question. Your web page can''t have a virus in it, unless you put one there. If your server has no viruses, why would you web page have one ? It seems you have no idea what a virus is, what ASP.NET is, how viruses work, etc. Run anti virus on your server, that''s all you need to do, unless you''re attaching a file the user provides with your email. In that case, you need to scan the file, not your asp.net page.

这个问题有些荒谬.首先，它是在客户端还是服务器端进行?我认为您是在谈论客户端-如果它是服务器端，那将是您的Web页面，其中如何包含病毒? 但是，如果这是客户端，则无法确定它是否为ASP.NET页面.从客户端的角度来看，没有诸如APS.NET或任何其他服务器端之类的东西.技术(PHP，Python，JPS，等等).

不清楚用防病毒扫描页面是什么意思.您想扫描什么，一个文本文件?如果下载一些二进制文件，则它们不称为网页.再说一次，尽管有流行的观点，但是只能从网页中感染病毒，因为Web浏览器会做一些肮脏的事情，例如，从Internet加载并执行一些二进制代码.不要做而且您不会被感染.我不知道如何通过邮寄请求获得病毒.该页面已经加载，并且一些脚本已经执行.

无论如何，有可能在加载页面后立即过滤掉页面的可疑部分，但它与发布请求无关.

不清楚，什么是发送电子邮件".如果您单击"mailto:"模式的锚，则可以在本地打开一些电子邮件代理.它与通过网站发送消息无关.由于Web应用程序对客户端发送邮件的机会一无所知，因此通常情况下，邮件是在服务器端发送的.客户端使用包含邮寄所需数据的表单，使用"POST"方法执行HTTP请求.服务器获取发布的数据，对其进行过滤，从中制作电子邮件并使用其自己的邮件服务器(例如SMTP)进行发送.可以非常安全的方式完成此过程，但是在过滤数据时需要格外小心.如果电子邮件是直接从客户端数据中提取的，则可以轻松地将其用作将服务器转变为分发垃圾邮件的僵尸之类的东西.正确过滤这些数据可以完全消除此类攻击的可能性.同样，它与服务器端Web开发有关，与扫描网页中的病毒无关.目前尚不清楚为什么在客户端发送电子邮件会引起特别关注.



另外，请注意根据用户输入发送电子邮件的危险.请查看我最近的答案:
无法发送邮件，它显示了以下代码中的错误. [

There are some absurdities in this question. First of all, is it going on on client side or server side? I think your''re talking about client side — if it was a server side, it would be your Web page, how can it contain viruses? But if this is a client side, you cannot know if it is ASP.NET page or not. From the standpoint of a client, there is not such thing as APS.NET or any other server-side technology (PHP, Python, JPS, whatever…).

Not clear what do you mean by scanning a page with anti-virus. What do you want to scan, a text file? If you download some binaries, they are not called Web pages. And again, despite the popular opinion, it is only possible to get a virus from the Web page because the Web browser does dirty things, for example, loads and execute some binary codes from Internet. Don''t do it; and you won''t get infected. I don''t see how you can get a virus as a result of the post request. The page is already loaded and some scripts are already executed.

Anyway, it''s possible to filter out suspect parts of the page right after it''s loaded, but it could not be related to post request.

Not clear, what is "fire e-mail". Is your click an anchor with the "mailto:" schema, you can open some e-mail agent — locally. It has nothing to do with sending messages through the Web site. As the Web application knows nothing about client''s opportunities to send mails, normally, the mail is sent on the server side. The client performs the HTTP request using "POST" method using the form containing data needed for mailing. The server gets posted data, filters it, makes a e-mail message out of it and sends using its own mail server (such as SMTP). This process could be done in a very secure way, but it needs a lot of care about filtering the data. If the e-mail is made out of client data as is, it can be easily used to turn a server into a zombie distributing spam or something like that. Proper filtering of this data can completely eliminate the possibilities for such exploits. Again, it is related to server-side Web development and has nothing to do with scanning of the Web page for viruses. It''s not clear why sending a e-mail can be a special concern at the client side.



Also, be aware of danger of sending e-mail based on the user input. Please see my recent answer:
unable to send mail , it showing the error in below code .[^].

—SA

这篇关于在发送电子邮件之前扫描asp.net页面...的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！