MVC的Web API:圆点URL参数值 [英] MVC Web API: dot in URL parameter value
问题描述
我已经实现搜索功能,以查找数据与码作为搜索条件,其中包括一个一(的一部分)。 。(点)中的值,所以它应该是可能的,以包括在搜索条件
I have implemented search functionality to look for data with a (part of a) code as search criteria, which includes a . (dot) in the value, so it should be possible to include that in the search criteria.
考虑网址:
myhost/api/search/88.
开箱即用,无需做任何多余的,这将导致404错误。虽然,这并不奇怪,在URL如果我删除了点正常工作。
Out of the box, without doing anything extra, that will result in a 404 error. While, not surprisingly, the url works fine if I remove the dot.
我发现的这个作为StackOverflow的可能的答案:
I found this as possible answer on StackOverflow:
<system.web>
<httpRuntime relaxedUrlToFileSystemMapping="true" />
</system.web>
问题的
Question
这是卓有成效的,但我不知道这是最好的解决方案。我的意思是,有一个轻松的URL机制是好的,如果它是无害的,否则,我不希望有会导致比我现在想要的网点更多的伤害其他字符的麻烦。也许我打开地狱门只是该修复...
This does the trick, but I am not sure if this is the best solution. I mean, having a relaxed url mechanism is fine if it's otherwise harmless, but I wouldn't want to have trouble with other chars that would cause more damage than the dot I want now. Maybe I'm opening the door to hell just for this fix...
我能相信这个解决方案还是有一个更安全的替代?
Can I trust this solution or is there a safer alternative?
推荐答案
如果该值被传递到URL是可以由用户输入的搜索词,我不配置我的路由系统来处理这些值因为他们是不可预测的。
If the value being passed into the URL is a search term that can be entered by the user, I wouldn't configure my routing system to handle these values because they are unpredictable.
您应该编码字符串,并将其传递通过查询字符串或发布并将其绑定到的WebAPI的对象。
You should encode the string and pass it through the query string or post it and bind it to an object in WebAPI.
在条件的打开地狱门的我认为你应该考虑的在这个问题点提高。如果你必须设置类似 relaxedUrlToFileSystemMapping 这是出现放宽一些ASP.NET MVC的默认安全系统的东西我会倾向于朝着这一没有按一个解决方案,瘦T依赖于这样的变化。
In terms opening the door to hell I think that you should consider the points raised in this question. If you have to set something like relaxedUrlToFileSystemMapping which is something that appears to relax some of the default security systems of ASP.NET MVC I'd tend to lean towards a solution that doesn't rely on a change like this.
这篇关于MVC的Web API:圆点URL参数值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
