问题描述
我试图从访问 Utilities.aspx
页限制未经授权的用户和重定向他 Default.aspx的
页。
如果(authorizedUser.ToLower()!=管理员)
{
如果(!ClientScript.IsClientScriptBlockRegistered(UnauthorizedUserRedirect))
{
ClientScript.RegisterStartupScript(this.GetType(),UnauthorizedUserRedirect,<脚本>警报('!未经授权的访问\\ n \\ n您试图访问您无权查看的网页)LT; / SCRIPT> 真正的);
的Response.Redirect(Default.aspx的);
}
}
然而,当重定向工作正常,在警报
没有显示在页面上了。搜索这个问题告诉我,Response.Redirect的客户端code在所有之前被渲染完成了它的作用。
我怎样才能显示警报
在的Response.Redirect
?
我也试过在的Page_Load
这两种方法的Default.aspx的
键,都没有工作。如果发现某个连接bariable被设置,则显示警报。
如果(会话[未授权]!= NULL)
{
ClientScript.RegisterStartupScript(this.GetType(),UnauthorizedUserRedirect,警报('未经授权的访问\\ n \\ n您试图访问您无权查看的网页!');,真正的);
}
如果(会话[未授权]!= NULL)
{
form1.Attributes.Add(的OnLoad,JavaScript的:警报('!未经授权的访问\\ n \\ n您试图访问您无权查看的网页'););
}
您不能使用HTTP重定向+的JavaScript。如果你想显示重定向之前警报messaje,你需要使用100%的JavaScript的解决方案,从而产生很大的安全漏洞,可能容易引起非法accesss到该页面。
我说你能做的最好的是显示目标页面上的描述消息。你可以发送一个查询参数这一点。
I am trying to restrict an unauthorized user from accessing a Utilities.aspx
page and redirect him to Default.aspx
page.
if (authorizedUser.ToLower() != "admin")
{
if (!ClientScript.IsClientScriptBlockRegistered("UnauthorizedUserRedirect"))
{
ClientScript.RegisterStartupScript(this.GetType(), "UnauthorizedUserRedirect", "<script>alert('Unauthorized access!\n\nYou have attempted to access a page that you are not authorized to view.')</script>", true);
Response.Redirect("Default.aspx");
}
}
However, while the redirect is working fine, the alert
is not showing up on the page. Searching for this issue tells me that Response.Redirect completes its action before the client side code is rendered at all.
How can I display the alert
before the Response.Redirect
?
I also tried these two approaches in Page_Load
of Default.aspx
and both didn't work. If a certain session bariable is set, then display the alert.
if (Session["unauth"] != null)
{
ClientScript.RegisterStartupScript(this.GetType(), "UnauthorizedUserRedirect", "alert('Unauthorized access!\n\nYou have attempted to access a page that you are not authorized to view.');", true);
}
if (Session["unauth"] != null)
{
form1.Attributes.Add("OnLoad", "javascript:alert('Unauthorized access!\n\nYou have attempted to access a page that you are not authorized to view.');");
}
You can't use HTTP redirect + javascript. If you want to show an alert messaje before redirecting, you'll need to use a 100% javascript solution, generating a big security hole that could easily cause unauthorized accesss to that page.
I'd say the best you can do is showing a descriptive message on target page. You could send a querystring parameter for this.
这篇关于调用JavaScript的领先的Response.Redirect的的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!