[AttributeUsage(AttributeTargets.Method)] public class WebApiSensitive : ActionFilterAttribute { public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext) { SensitiveDataUtil.CheckForSQLs(HttpContext.Current.Request); base.OnActionExecuting(actionContext); } }
用上面的类来拦截请求
GlobalConfiguration.Configuration.Filters.Add(new WebApiSensitive());
把上面的代码放到Global.asax的Init()方法中,以注册到所有action去,也可用
[VolunteerApp.WebApi.WebApiSensitive]
特性来标注特定的方法
