澄清__VIEWSTATE __EVENTVALIDATION __EVENTTARGET,需要__EVENTARGUMENT个 [英] Clarification on __VIEWSTATE __EVENTVALIDATION __EVENTTARGET , __EVENTARGUMENT needed
问题描述
我正在尝试成功实现对ASPX的 POST (
由于我不太在乎页面的外观(这一切都是在服务器端完成的),因此我没有发送任何参数 __ VIEWSTATE , __ EVENTVALIDATION , __ EVENTTARGET 和 __ EVENTARGUMENT ,虽然不是空的,但我确实发送了真实数据./p>
将这些参数发布到ASP.NET服务器有多重要?
我不是ASP.NET程序员,但我可能会怀疑 __ EVENTVALIDATION 可能会给我带来一些麻烦(?).还是在浏览器和服务器之间我不需要太在意的事情?
如果这很关键,我该如何模仿这些变量,以便服务器接受POSTS?
通常,您无法消除这些值.
ViewState和EventValidation至关重要-除非另一端已将其禁用.如果另一方使用它们并且在回发时找不到它们,则会出现抛出错误,并且该错误取决于程序如何处理.
ViewState包含回发后页面需要使用的信息.
EventValidation包含一个用于验证回发控件的密钥,以确保您不要尝试触发任何没有权限的命令,也不要发送任何没有运行权限的参数.
让我们举一个例子:假设我有一个发送数字43的控件和一个触发回发的按钮,我询问ID为43的信息.EventValidation会确保您不能创建一个脚本,并要求所有具有ID的数字,并获得您可能认为的任何结果.
I am trying to achieve a successful POST to an ASPX (ASP.NET) page (an external site) using cURL.
Since I don't care much for the looks of the page (it is all done on the server side), I am not sending ANY the arguments
__VIEWSTATE, __EVENTVALIDATION, __EVENTTARGET, and __EVENTARGUMENT, not even empty, but I do send the real data.
How crucial is it to POST these arguments to the ASP.NET server?
I am not an ASP.NET programmer, but I might suspect that __EVENTVALIDATION might give me some hard time here(?). Or is this something between the browser and the server that I don't need to care much for?
If this is crucial, how can I imitate these variables so the server accepts POSTS?
In general, you can not eliminate these values.
The ViewState and the EventValidation are critical - unless the other side has disabled them. If the other side use them and do not find them on postback, a throw error appears, and it depends on the program how it handles it.
The ViewState contains information that the page needs to use after the postback.
The EventValidation contains a key that validates the postback controls to be sure that you do not try to trigger any command that does not have permission, or send any argument that does not have permission to run.
Let's gives you an example: Let's say that I have a control that send a number, 43, and a button that trigger the postback, and I ask the information for id 43. The EventValidation takes care that you can not make a script and ask for all the numbers with any id and get any result that you may think.
这篇关于澄清__VIEWSTATE __EVENTVALIDATION __EVENTTARGET,需要__EVENTARGUMENT个的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
