定制＆QUOT;检测到有潜在危险的Request的价值和QUOT;错误页面

本文介绍了定制＆QUOT;检测到有潜在危险的Request的价值和QUOT;错误页面的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

当我调用一个页面，一个未经授权的字符（如*），我得到检测到有潜在危险的Request的价值的黄色网页。这看起来是一个400错误页面。我的目标是可以自定义这个页面，并显示一个干净的错误页面或重定向到主页（我想这两种解决方案）。这是我写在我的web.config：

When I call a page with a non authorized character (such as *), i get a yellow page "A potentially dangerous Request.Path value was detected".It looks like it is a 400 error page.My goal is to customize this page and show a clean error page or redirect to home page (i tried both solutions).Here is what i wrote in my web.config:

<system.webServer>
 <httpErrors errorMode="Custom">
  <remove statusCode="400" subStatusCode="-1" />
  <remove statusCode="404" subStatusCode="-1" />
      <error statusCode="400" path="/page-non-trouvee.aspx?status=400" responseMode="ExecuteURL" />
  <error statusCode="404" path="/" responseMode="ExecuteURL" />
 </httpErrors>

我用IIS7。问题的关键是我的400页面仍显示为黄色错误页面。

I'm using IIS7.The point is my 400 page is still shown as a yellow error page.

必须有一个解决办法，因为尽管堆栈交易所数据浏览器有这个问题， http://data.stackexchange.com/users& ; NBSP 堆栈溢出本身并不： http://stackoverflow.com/users&nbsp

There must be a workaround because although the Stack Exchange Data Explorer has this problem with http://data.stackexchange.com/users&nbsp Stack Overflow itself does not: http://stackoverflow.com/users&nbsp

任何想法？

推荐答案

由于gbianchi提到的，你可以做一个的重定向是这样的：

As gbianchi mentioned, you could do a customErrors redirect like this:

<customErrors mode="On" redirectMode="ResponseRedirect" defaultRedirect="/404" />

然而，这将导致一个恼人的查询字符串与原来的路径和段

However, this would result in an annoying querystring with the original path and segment.

如果它是一个ASP.NET应用程序，你可以在你的Global.asax.cs文件超载Application_Error事件。这里是做在MVC的劈上下的方式：

If it's an ASP.NET application, you could overload the Application_Error event in your Global.asax.cs file. Here's a hack-ish way of doing it in MVC:

protected void Application_Error() {
    var exception = Server.GetLastError();
    var httpException = exception as HttpException;
    if (httpException == null) {
        return;
    }

    var statusCode = httpException.GetHttpCode();
    // HACK to get around the Request.Path errors from invalid characters
    if ((statusCode == 404) || ((statusCode == 400) && httpException.Message.Contains("Request.Path"))) {
        Response.Clear();
        Server.ClearError();
        var routeData = new RouteData();
        routeData.Values["controller"] = "Error";
        routeData.Values["exception"] = exception;
        Response.StatusCode = statusCode;
        routeData.Values["action"] = "NotFound";

        // Avoid IIS7 getting in the middle
        Response.TrySkipIisCustomErrors = true;
        IController errorsController = new ErrorController();
        HttpContextWrapper wrapper = new HttpContextWrapper(Context);
        var rc = new RequestContext(wrapper, routeData);
        errorsController.Execute(rc);
    }
}

这篇关于定制＆QUOT;检测到有潜在危险的Request的价值和QUOT;错误页面的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！