问题描述
下面是场景中,用户从我们的Web应用程序开辟了非安全的网页,我们称之为网页A,在他们的浏览器,然后点击一个链接在那里,他们带到网页B的安全实例。一旦网页B的用户随后可以点击一个链接,将他们带回网页A的安全实例(他们已经看到,是的OutputCache)。我观察到,即使正在通过访问网页B之后不同的URL访问网页A(安全的)它的实际拉动前缓存副本,而制作新鲜的。我验证了一个调试会话此行为,并感到惊讶的是ASP.Net使用了相同的OutputCache项目的页面的一个安全副本。
Here is the scenario, a user opens up non-secure page from our WebApp, let's call it PageA, in their browser and then clicks a link in there that takes them to a secure instance of PageB. Once in PageB the user can subsequently click a link that takes them back to a secure instance of PageA (which they already viewed and is in OutputCache). I observed that even though PageA is being accessed over a different URL after visiting PageB (the secure one) it's actually pulling the prior cached copy rather making a fresh one. I verified this behavior in a debugging session, and was surprised that ASP.Net used the same OutputCache item for a secure copy of the page.
我的问题是为什么会这样?我如何告诉ASP.Net的OutputCache治疗从安全的URL访问作为比非安全相当于一个不同的/独特的项目?
My question is why is it this way? And how do I tell the ASP.Net OutPutCache to treat access from secure URL as a different/unique item than the non-secure equivalent?
[背景]
我们最近更换了我们的网站上的图像使用Scene7 / Akamai的所有图像。由于这个原因,我们增加code安全连接上查看某一网页时使用不同的Scene7的URL。这个问题的OutputCache不会允许,输出安全的URL的执行逻辑,并造成难看的浏览器警告。
We recently switched our Web Sites images over to use Scene7/Akamai for all images. As a result of this we added code to use different Scene7 url's when viewing a given page on a secure connection. This OutputCache issue is not allowing for the logic that outputs the secure url's to execute, and is resulting in ugly browser warnings.
推荐答案
我认为你可以做一个VaryByCustom是=方案,并添加到您的Global.asax.cs文件(计有,我作为使用其他几个人以及应用程序的版本和放大器;用户):
I think that you can do a VaryByCustom="scheme" and add this to your Global.asax.cs file (inlcuding a couple other others that I use as well app version & user):
public override string GetVaryByCustomString(HttpContext context, string custom)
{
if (custom.Equals("version", StringComparison.CurrentCultureIgnoreCase))
{
Assembly asm = Assembly.GetExecutingAssembly();
string[] parts = asm.FullName.Split(',');
string version = parts[1].Trim().ToLower();
return version;
}
else if (custom.Equals("user", StringComparison.CurrentCultureIgnoreCase))
{
var user = Membership.Users.CurrentUser;
return null == user ? string.Empty : user.Id.ToString();
}
else if (custom.Equals("scheme", StringComparison.CurrentCultureIgnoreCase))
{
var scheme = context.Request.IsSecureConnection ? "https" : "http";
return scheme;
}
else
return base.GetVaryByCustomString(context, custom);
}
这篇关于如何配置ASP.Net的OutputCache通过HTTP和https改变?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!