使用 [Authorize] 时请求超过配置的 maxQueryStringLength [英] request exceeds the configured maxQueryStringLength when using [Authorize]
问题描述
我在 C# 中有一个 MVC3 站点,我有一个特定视图从 JavaScript 函数中获取查询参数,该函数通过
I have a MVC3 site in C#, I have a particular view being fed query parameters from a JavaScript function, the function redirects to the site via
window.location.href = "../ActionName?"+ query_string;
window.location.href = "../ActionName?" + query_string;
query_string 是 JavaScript 函数构建的动态查询参数字符串.
query_string being the dynamic query parameters string built by the JavaScript function.
这种奇怪的原因是有时相同的函数将 URL 传递给 ASP.Net 网络表单,因为它必须使用 reportviewer 控件,替代操作是在此保存一些参数如果它传递给视图.(如果没有意义,可以详细说明)
The reason for this weirdness is that sometimes the same function passes the URL to an ASP.Net webform due to it having to use the reportviewer control, the alternate action is to save some parameters in this case it passes to the view. (Can elaborate more if that does not make sense)
在我将 [Authorize] 引入 action 方法之前,整个过程都很好.如果它就位,则中断,没有时也能正常工作,并且 [授权] 在所有其他方法上都可以正常工作.
The whole thing works fine until I introduce [Authorize] to the action method. Breaks if it is in place, works fine without, and [Authorize] works fine on all the other methods.
在这种情况下,整个 URL 为 966 个字符,经过研究,maxQueryStringLength 值似乎默认为 2048,但可以覆盖为任何整数类型的值,所以只是为了笑我添加了
The whole URL in this case is 966 chars long, after research it seems that the maxQueryStringLength value is 2048 by default but can overridden to any value of type integer, so just for grins I added the
<security>
<requestFiltering>
<requestLimits maxQueryString="2048"></requestLimits>
</requestFiltering>
</security>
key 下的 web 配置文件的 key.
key to the web config file under the key.
那里没有快乐,所以我变得很可笑并使它成为 4096,但仍然没有快乐.
No joy there, so I got ridiculous and made it 4096, still no joy.
现在整个 URL 长度为 966 个字符,授权属性不能认真添加另一个 1082-3130 个字符,所以我如何确定错误究竟是什么,或者为什么设置没有生效.
Now with the whole URL being 966 chars long, the authorize attribute cannot seriously be adding another 1082-3130 chars, so how can I determine what the error actually is, or why the setting is not taking effect.
VS2010 Pro SP1
VS2010 Pro SP1
推荐答案
当一个未经授权的请求进来时,整个请求都是经过 URL 编码的,并作为查询字符串添加到授权表单的请求中,所以我可以看到在哪里鉴于您的情况,这可能会导致问题.
When an unauthorized request comes in, the entire request is URL encoded, and added as a query string to the request to the authorization form, so I can see where this may result in a problem given your situation.
根据 MSDN,修改 web.config 中重置 maxQueryStringLength 的正确元素是
According to MSDN, the correct element to modify to reset maxQueryStringLength in web.config is the <httpRuntime> element inside the <system.web> element, see httpRuntime Element (ASP.NET Settings Schema). Try modifying that element.
这篇关于使用 [Authorize] 时请求超过配置的 maxQueryStringLength的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
