在将表单发送到后端之前,如何将密码字符串转换为Base64字符串?
[英]How can I convert password string to Base64 string before sending form to backend?
问题描述
I have a sample registration form, it works properly for most cases, but when I try to register new user with password "U8$G#CBj" I'm getting an exception "A potentially dangerous Request.Form value was detected from the client" My idea is to convert password to Base64 format before sending it to backend and on backend convert it back. 
我有一个样本注册表单,它在大多数情况下都能正常工作,但是当我尝试使用密码“U8 $&#6G#CBj”注册新用户时,我得到一个例外“从一个潜在危险的Request.Form值被检测到客户端“我的想法是在将密码发送到后端之前将密码转换为Base64格式,然后在后端将密码转换回来。 How can I do it? 我该怎么做?
@using (Html.BeginForm("Login", "Account", new { ReturnUrl = ViewBag.ReturnUrl }, FormMethod.Post, new { @class = "form-horizontal", role = "form" }))
{
@Html.AntiForgeryToken()
<h4>Use a local account to log in.</h4>
<hr />
@Html.ValidationSummary(true, "", new { @class = "text-danger" })
<div class="form-group">
@Html.LabelFor(m => m.Email, new { @class = "col-md-2 control-label" })
<div class="col-md-10">
@Html.TextBoxFor(m => m.Email, new { @class = "form-control" })
@Html.ValidationMessageFor(m => m.Email, "", new { @class = "text-danger" })
</div>
</div>
<div class="form-group">
@Html.LabelFor(m => m.Password, new { @class = "col-md-2 control-label" })
<div class="col-md-10">
@Html.PasswordFor(m => m.Password, new { @class = "form-control" })
@Html.ValidationMessageFor(m => m.Password, "", new { @class = "text-danger" })
</div>
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<div class="checkbox">
@Html.CheckBoxFor(m => m.RememberMe)
@Html.LabelFor(m => m.RememberMe)
</div>
</div>
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<input type="submit" value="Log in" class="btn btn-default" />
</div>
</div>
<p>
@Html.ActionLink("Register as a new user", "Register")
</p>
@* Enable this once you have account confirmation enabled for password reset functionality *@
<p>
@Html.ActionLink("Forgot your password?", "ForgotPassword")
</p>
}
2 个解决方案
解决方案1
1 已采纳 2016-09-05 18:13:11
With help of Alexei Levenkov for frontend part and Vidhyadhar Galande for backend I solved my problem here is the code: on View to form I have added this javascript function on submit event 在Alexei Levenkov的前端部分和Vidhyadhar Galande的后端的帮助下我解决了我的问题,这里是代码:on View to form我在提交事件上添加了这个javascript函数
function encode(){
$('#Password').val(btoa($('#Password').val()));
$('#ConfirmPassword').val(btoa($('#ConfirmPassword').val()));
}
and on backend decode strings back: 并在后端解码字符串:
private string DecodeFromBase64(string inputBas64)
{
var base64EncodedBytesPassword = System.Convert.FromBase64String(model.Password);
string password = System.Text.Encoding.UTF8.GetString(base64EncodedBytesPassword);
return password;
}
解决方案2
0 2016-09-01 05:22:06
Try this
1) base64(Encode/decode) 1)base64(编码/解码)
public static string base64Encode(string sData) // Encode
{
try
{
byte[] encData_byte = new byte[sData.Length];
encData_byte = System.Text.Encoding.UTF8.GetBytes(sData);
string encodedData = Convert.ToBase64String(encData_byte);
return encodedData;
}
catch (Exception ex)
{
throw new Exception("Error in base64Encode" + ex.Message);
}
}
public static string base64Decode(string sData) //Decode
{
try
{
var encoder = new System.Text.UTF8Encoding();
System.Text.Decoder utf8Decode = encoder.GetDecoder();
byte[] todecodeByte = Convert.FromBase64String(sData);
int charCount = utf8Decode.GetCharCount(todecodeByte, 0, todecodeByte.Length);
[] decodedChar = new char[charCount];
utf8Decode.GetChars(todecodeByte, 0, todecodeByte.Length, decodedChar, 0);
string result = new String(decodedChar);
return result;
}
catch (Exception ex)
{
throw new Exception("Error in base64Decode" + ex.Message);
}
}
2) EncodePasswordMd5
public static string EncodePassword(string pass, string salt) //encrypt password
{
byte[] bytes = Encoding.Unicode.GetBytes(pass);
byte[] src = Encoding.Unicode.GetBytes(salt);
byte[] dst = new byte[src.Length + bytes.Length];
System.Buffer.BlockCopy(src, 0, dst, 0, src.Length);
System.Buffer.BlockCopy(bytes, 0, dst, src.Length, bytes.Length);
HashAlgorithm algorithm = HashAlgorithm.Create("SHA1");
byte[] inArray = algorithm.ComputeHash(dst);
//return Convert.ToBase64String(inArray);
return EncodePasswordMd5(Convert.ToBase64String(inArray));
}
public static string EncodePasswordMd5(string pass) //Encrypt using MD5
{
Byte[] originalBytes;
Byte[] encodedBytes;
MD5 md5;
//Instantiate MD5CryptoServiceProvider, get bytes for original password and compute hash (encoded password)
md5 = new MD5CryptoServiceProvider();
originalBytes = ASCIIEncoding.Default.GetBytes(pass);
encodedBytes = md5.ComputeHash(originalBytes);
//Convert encoded bytes back to a 'readable' string
return BitConverter.ToString(encodedBytes);
}
@Using Namespace
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;
using System.Web;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.