“&"字符中断存储在 web.config 中的密码 [英] The "&" character breaks passwords that are stored in the web.config
问题描述
我有一个在 IIS 7.5 上运行的 ASP.NET MVC3 C# .NET 应用程序.
I have an ASP.NET MVC3 C# .NET Application running on IIS 7.5.
我们在代码中模拟了一个 Windows NT 服务帐户,以便将文档读/写到文件共享.用户 id 编译在代码中,服务帐户密码存储在 web.config 文件中.
We have a Windows NT service account we Impersonate in our code in order to read/write documents to a file share. The user id is compiled in the code and the service account password is stored in the web.config file.
密码包含一个与字符(即:p&ssword
).
The password contains an ampersand character (i.e.: p&ssword
).
这破坏了网站.访问网站时,我们收到此错误:抱歉,处理您的请求时出错".
This broke the site. When accessing the site we received this error :"Sorry, an error occurred while processing your request".
这是使用密码的代码:
var password = ConfigurationManager.AppSettings.Get(Common.SVC_PWD);
bool isSuccess = LogonUser(
@"my_svc_acct",
"my.domain.net",
password,
LOGON32_LOGON_NEW_CREDENTIALS,
LOGON32_PROVIDER_DEFAULT, ref token
);
为什么这会导致网站崩溃?
Why would this cause the site to break?
推荐答案
我怀疑您没有在 web.config
文件中正确编码密码.请记住,web.config
是一个 XML 文件,因此必须对实体进行编码.
I suspect that you didn't encode the password properly in the web.config
file. Remember that web.config
is a XML file, so entities must be encoded.
代替
my&password
试试
my&password
您可以使用诸如 FreeFormatter.com 之类的网站来转义/取消转义 XML 字符串.
You can use sites such as FreeFormatter.com to escape/unescape XML strings.
这篇关于“&"字符中断存储在 web.config 中的密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!