[英]Is it possible to perform POST to external HTTPS url on server side and redirect user to the POST destination?
So I can do the following POST
submit所以我可以做以下
POST
提交
@Html.BeginForm(null, null, FormMethod.Post, new { @action = "https://externalsite.com/secretroom" })
{
<input id="SECRETCODE" name="SECRETCODE" type="hidden" value="GABEN" />
<input type="submit" value="submit"/>
}
After the submit, it will took me to https://externalsite.com/secretroom
.提交后,它会将我带到
https://externalsite.com/secretroom
。 But as you can see the SECRETCODE
is getting exposed in user HTML page and I don't want that.但是正如您所看到的,
SECRETCODE
在用户 HTML 页面中暴露出来,我不希望这样。
So what I'm gonna do is I'm trying to do the POST on my server side.所以我要做的是尝试在我的服务器端执行 POST。
public ActionResult Test()
{
using (var client = new HttpClient())
{
client.BaseAddress = new Uri("https://externalsite.com/secretroom");
var content = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("SECRETCODE", "GABEN")
});
var result = await client.PostAsync("", content).Result;
if(result.IsSuccessStatusCode)
{
return Redirect("https://externalsite.com/secretroom");
}
}
}
The problem is I can't redirect the user because the externalsite
will deny it and I have no idea/no control over how the secretroom
validation works on externalsite
.问题是我无法重定向用户,因为
externalsite
会拒绝它,而且我不知道/无法控制secretroom
验证在externalsite
。 It will only allow access if I did it the way I did above.如果我按照上面的方式进行操作,它只会允许访问。
That being said, is this actually possible?话虽如此,这真的可能吗?
Edit : After getting a little more clarity on exactly what you're trying to accomplish, I don't believe you can do that.编辑:在更清楚地了解您要完成的工作之后,我不相信您可以做到这一点。 Specifically because in your first example, you're actually sending a response to the users browser which is redirecting them to the target site and sending along the form parameters for the ride.
特别是因为在您的第一个示例中,您实际上是在向用户浏览器发送响应,该浏览器将他们重定向到目标站点并发送行程的表单参数。 Whereas, programmatically POSTing the data is out-of-band of the browser.
然而,以编程方式发布数据是浏览器的带外。 The two approaches aren't interchangeable.
这两种方法不可互换。 You'll most likely need to work with the site provider to identify an alternative method if you're not satisfied sending sensitive data this way.
如果您不满意以这种方式发送敏感数据,您很可能需要与站点提供商合作来确定替代方法。
Original Solution原始解决方案
You can use the WebRequest class to programmatically POST the data over.您可以使用 WebRequest 类以编程方式发布数据。
WebRequest request = WebRequest.Create("https://externalsite.com/secretroom");
request.Method = "POST";
... rest omitted - refer to link below for specifics ...
https://msdn.microsoft.com/en-us/library/debx8sh9%28v=vs.110%29.aspx https://msdn.microsoft.com/en-us/library/debx8sh9%28v=vs.110%29.aspx
Also, you may want to refer to the following SO question for details on the variants of the WebRequest classes ie HttpWebRequest, FtpWebRequest, etc.此外,您可能希望参考以下 SO 问题,了解有关 WebRequest 类的变体(即 HttpWebRequest、FtpWebRequest 等)的详细信息。
C# HttpWebRequest vs WebRequest C# HttpWebRequest 与 WebRequest
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.