堆栈内存溢出
  简体   繁体   English

通过ASP.net中的客户端控件公开服务器端状态

[英]Exposing server-side state through client-side controls in ASP.net

 原文  2011-02-11 14:31:05       javascript/ asp.net/ ajax/ client-side-data

问题描述

Hopefully this isn't a redundant question--I'm not really sure how to word it. 希望这不是一个多余的问题-我真的不确定如何措辞。 Let's say I have a list of items on an ASP.net page. 假设我在ASP.net页面上有一个项目列表。 That list is selectable in that whenever the user clicks on one, the page does a postback and the server code stores the index or some unique identifier of the picture in a ViewState property indicating that it is currently selected. 该列表是可选择的,因为每当用户单击一个列表时,页面都会进行回发,并且服务器代码将图片的索引或某些唯一标识符存储在ViewState属性中,指示当前已选择该图片。

I would like to minimize the load on the server and therefore I would like to store the index or unique identifier representing the image in some way on the client side. 我想最小化服务器上​​的负载,因此我想以某种方式在客户端存储代表图像的索引或唯一标识符。 The best way I can think to do this is to store said information in a hidden field ), however I had two questions about this before I go crazy: 我可以想到的最好方法是将所说的信息存储在一个隐藏的字段中,但是在发疯之前,我对此有两个问题:

  1. Is this a security risk in any way, shape or form (ie, exposing implementation details of the page)? 这是否以任何方式,形状或形式(即,公开页面的实现细节)存在安全风险?

  2. Is there a better/best way to do this that is more industry-standard? 有没有更好的/最好的方法来达到行业标准? Does ASP.net provide a framework to do this that is cleaner than my idea? ASP.net是否提供了一个比我的想法还干净的框架? Seems like this would be a fairly common requirement to me... 看来这对我来说是一个相当普遍的要求。

I have been working in ASP.net for about two years now. 我已经在ASP.net中工作了大约两年了。 Please, be kind :-) 请,请客气:-)

Best, Patrick Kozub 最好,Patrick Kozub

1 个解决方案

解决方案1
 1 已采纳  2011-02-11 14:56:57

  1. The only security risk would be if some list items must remain non-selectable. 唯一的安全风险是某些列表项必须保持不可选择状态。 It sounds like that is not the case in your situation. 听起来情况并非如此。 The user already knows the information, because he or she already selected the item. 用户已经知道该信息,因为他或她已经选择了该项目。

    NOTE: If the server ever does anything with that information and pulls it back from the user, then you must validate the index value. 注意:如果服务器使用该信息执行任何操作并将其从用户那里拉回,则必须验证索引值。 Otherwise, the user could change it to an invalid index, such as (-2), and trigger an exception. 否则,用户可以将其更改为无效索引,例如(-2),并触发异常。

  2. You can store the index (or related value) in a global javascript variable. 您可以将索引(或相关值)存储在全局javascript变量中。 If you're avoiding a trip back to the server, .NET doesn't really have a role to play. 如果您避免返回服务器,则.NET实际上并没有扮演任何角色。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在ASP.NET中从客户端调用服务器端函数? - How to call server-side function from client-side in ASP.NET? Asp.Net:在服务器端还原DropDownList的客户端SelectedItem - Asp.Net: Restoring client-side SelectedItem of DropDownList on server-side 结合 Asp.Net Core 服务器端和 React 客户端 - Combining Asp.Net Core server-side and React client-side 如何填补ASP.NET webforms中服务器端和客户端之间的空白? - How to fill the gap between server-side and client-side in ASP.NET webforms? 在客户端加密ASP.NET文本字段,并在服务器端解密 - Encrypting ASP.NET text fields at client-side and decrypting them at server-side 客户端或服务器端(asp.net)图像映射都不会弹出html表单 - Neither client-side or server-side (asp.net) imagemap will popup html form 在asp.net中从客户端调用服务器端方法 - call server-side method from client-side in asp.net javascript客户端向asp.net服务器端返回值 - javascript client-side return value to asp.net server-side ASP.NET双列表框使用JQuery更新了客户端,以及如何在服务器端检索结果 - ASP.NET dual listboxes updated client-side with JQuery, and how to retrieve the results server-side asp.net-客户端控件更改未在服务器端看到 - asp.net - client-side control changes not seen server-side
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM