C# .NET MVC 链接地址过滤

1.调用过滤方法的代码写在 Global.asax 文件中

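/// <summary>
/// Runs at the start of every request and redirects GET requests whose URL
/// is changed by <c>utility.FilterUrl</c> to the filtered URL.
/// </summary>
/// <remarks>
/// Only the request URL of GET requests is examined. Form bodies, cookies and
/// headers are not touched by this handler, so it does not validate POST data.
/// Treat it as a coarse first filter: the code that renders values into HTML
/// or passes them to a database still has to encode or parameterize them.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
public void Application_BeginRequest(Object sender, EventArgs e)
        {
            // The filtered URL is only ever used for GET requests, so skip the
            // work entirely for every other request type.
            if (this.Request.RequestType != "GET")
            {
                return;
            }

            string url = this.Request.Url.ToString();
            string filterUrl = utility.FilterUrl(url);

            // FilterUrl lower-cases its input, so a URL that merely contains an
            // upper-case letter is also redirected, not only one with blocked text.
            if (!url.Equals(filterUrl))
            {
                this.Response.Redirect(filterUrl);
            }
        }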

2.过滤方法（黑名单方式，只能作为辅助防护；输出到页面时仍需做 HTML 编码，访问数据库时仍需使用参数化查询）

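   /// <summary>
        /// Lower-cases a URL and removes a fixed blacklist of characters and keywords from it.
        /// </summary>
        /// <remarks>
        /// This is a blacklist and is lossy by design: removing "%" breaks percent-encoded
        /// values, lower-casing changes case-sensitive paths and parameters, and keyword
        /// removal also mangles ordinary words that happen to contain a blocked keyword.
        /// It is not a replacement for HTML-encoding output or for parameterized queries.
        /// </remarks>
        /// <param name="url">URL to filter; may be null or empty.</param>
        /// <returns>
        /// The filtered, lower-cased URL, or <paramref name="url"/> unchanged when it is null or empty.
        /// </returns>
        public static string FilterUrl(string url)
        {
            if (string.IsNullOrEmpty(url))
            {
                return url;
            }

            // Longer keywords come before the shorter keywords they contain
            // ("iframe" before "frame", "ilayer" before "layer"); in the other
            // order the longer entry can never match and a stray "i" is left behind.
            string[] blocked =
            {
                "<", ">", "|", "\"", "'", "%", ";", "(", ")", "+",
                "script", "alert", "select", "update", "insert", "like",
                "applet", "body", "embed", "iframe", "frame", "html", "img",
                "style", "ilayer", "layer", "link", "meta", "object"
            };

            // Invariant lower-casing keeps the keyword match independent of the
            // server's current culture.
            string current = url.ToLowerInvariant();
            string previous;

            // Repeat until a full pass changes nothing: removing one occurrence can
            // join the characters around it into another blocked keyword, which a
            // single pass would leave in the result. Every changing pass shortens
            // the string, so the loop always terminates.
            do
            {
                previous = current;
                foreach (string token in blocked)
                {
                    current = current.Replace(token, "");
                }
            }
            while (previous != current);

            return current;
        }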
