Blazor 客户端发送 email
[英]Blazor client side send an email
问题描述
I included a contact form in a razor page, so an user can fill it with his email, a subject and a body.
我在 razor 页面中包含了一个联系表格,因此用户可以用他的 email、主题和正文填写它。 When he submit it, the email is send to my email adress.当他提交它时,email 被发送到我的 email 地址。
My code looks like this example我的代码看起来像这个例子
But when i submit my form, i had this error但是当我提交表单时,我遇到了这个错误
Operation is not supported on this platform.
It's not supported because i'm running it on the browser (client side).它不受支持,因为我在浏览器(客户端)上运行它。
I would like to know if someone as a turnaround for this case, without using a smtp server (since the user can access the credentials of the server) or我想知道是否有人作为这种情况的周转,而不使用 smtp 服务器(因为用户可以访问服务器的凭据)或
test@example.com
Thank you.谢谢你。
Regards, Samih.问候,萨米。
2 个解决方案
解决方案1
2 2021-05-29 17:47:13
This blog post may be helpful to you: Blazor (Wasm) – How to Send Email from a PWA .这篇博文可能对您有所帮助: Blazor (Wasm) – 如何从 PWA 发送 Email 。 It invokes the user's native mail application instead of relying on a server-based or API-based implementation.它调用用户的本机邮件应用程序,而不是依赖于基于服务器或基于 API 的实现。
Excerpted, "...for very basic email needs is to leverage the old-school technique of using “mailto:” anchor links combined with injecting Blazor's IJSRuntime."摘录,“...对于非常基本的 email 需求是利用老式技术,即使用“mailto:”锚链接并结合注入 Blazor 的 IJSRuntime。”
protected void SendLocalEmail(string toEmailAddress, string subject, string body)
{
JsRuntime.InvokeAsync<object>("blazorExtensions.SendLocalEmail",
new object[] { toEmailAddress, subject, body });
}
Then, in your wwwroot folder, you should have a corresponding.js file (ie GlobalFunctions.js) that contains the corresponding JavaScript SendLocalEmail() function然后,在您的 wwwroot 文件夹中,您应该有一个对应的.js 文件(即 GlobalFunctions.js),其中包含相应的 JavaScript SendLocalEmail() function
window.blazorExtensions = {
SendLocalEmail: function (mailto, subject, body) {
var link = document.createElement('a');
var uri = "mailto:" + mailto + "?";
if (!isEmpty(subject)) {
uri = uri + "subject=" + subject;
}
if (!isEmpty(body)) {
if (!isEmpty(subject)) { // We already appended one querystring parameter, add the '&' separator
uri = uri + "&"
}
uri = uri + "body=" + body;
}
uri = encodeURI(uri);
uri = uri.substring(0, 2000); // Avoid exceeding querystring limits.
console.log('Clicking SendLocalEmail link:', uri);
link.href = uri;
document.body.appendChild(link); // Needed for Firefox
link.click();
document.body.removeChild(link);
}
};
function isEmpty(str) {
return (!str || str.length === 0);
}
Finally, be sure you include a reference to your.js file in the index.html file (also in the wwwroot folder):最后,确保在 index.html 文件中包含对 your.js 文件的引用(也在 wwwroot 文件夹中):
<script src="GlobalFunctions.js"></script>
I place the above script reference below this line:我将上面的脚本引用放在这一行下面:
<script>navigator.serviceWorker.register('service-worker.js');</script>
解决方案2
1 已采纳 2021-02-22 09:13:04
This is not possible, because browsers have security restrictions which forbids sending E-Mails.这是不可能的,因为浏览器有禁止发送电子邮件的安全限制。 This restrictions doesn't come from Blazor or ASP.NET Core.此限制并非来自 Blazor 或 ASP.NET 内核。 It won't work with JavaScript either.它也不适用于 JavaScript。 Or at least not with questionable hacks .或者至少没有可疑的黑客攻击。
I won't recommend to use projects like smtp.js which are trying to work around those limitations: They're doing the only suiteable method by using a server-side API.我不会推荐使用像smtp.js这样的项目来解决这些限制:他们通过使用服务器端 API 来做唯一合适的方法。 But the problem here is, that you expose those credentials at least to smtp.js cause by generating a security token, they store your credentials on their servers so the API could fetch them when you call their Email.send() method from JS.但这里的问题是,您至少将这些凭据公开给 smtp.js,因为通过生成安全令牌,他们将您的凭据存储在他们的服务器上,因此 API 可以在您调用他们的Email.send()方法时获取它们。
To realize this securely, you need some kind of API on the server side for sending those mails using a mailserver (mostly with SMTP).为了安全地实现这一点,您需要在服务器端使用某种 API 来使用邮件服务器(主要使用 SMTP)发送这些邮件。 Since you say it runs on the browser, I'm assuming that you're using Blazor WebAssembly.既然你说它在浏览器上运行,我假设你正在使用 Blazor WebAssembly。 So either create an API project which could be called using eg Ajax from your WASM project or switch to Blazor Server which allows you to run the code directly on the server, if this is suiteable for the use-case .因此,要么创建一个 API 项目,该项目可以使用例如 Ajax 从你的 WASM 项目中调用,或者切换到Blazor 服务器,它允许你直接在服务器上运行代码,如果这个套件是可用的。
Important: Keep an eye on misuse!重要提示:注意滥用!
Even with your own API using credentials stored secretly on your own server, it's important to prevent misuse.即使您自己的 API 使用秘密存储在您自己的服务器上的凭据,防止滥用也很重要。 If there is an API that could send Mails to anyone with your account without any limitations, it will be only a matter of time until bots will abuse them to send spam - even when the credentials are not exposed!如果有一个 API 可以不受任何限制地使用您的帐户向任何人发送邮件,那么机器人滥用它们发送垃圾邮件只是时间问题——即使凭据没有暴露!
This can harm your on many ways:这可能会在很多方面伤害您:
- Spam or even malicious content in your name以您的名义发送垃圾邮件甚至恶意内容
- Your mail account got taken down您的邮件帐户已被删除
- Desired mails won't be send cause your mail is on every spam-list不会发送所需的邮件,因为您的邮件在每个垃圾邮件列表中
- ... ...
For that reasons it should be in your interest to send mails only from your servers with proper limits on that API like allowing only whitelisting senders, rate limits and so on.出于这个原因,您应该只从您的服务器发送邮件,并对 API 进行适当的限制,例如只允许将发件人列入白名单、速率限制等。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.