[英]Show script depending on innerwidth - without “potentially dangerous request.form”
What I want: 我想要的是:
I have a situation where I want to show affiliate ads on my website. 我有一种情况想要在我的网站上显示会员广告。 These are basically javascripts, with content within them.
这些基本上是javascript,其中包含内容。 As my site has a responsive design, I want to load different ads depending on the jQuery innerwidth property.
由于我的网站采用自适应设计,因此我想根据jQuery innerwidth属性加载不同的广告。 So summed up: I want to load different javascripts depending on the innerwidth property.
综上所述:我想根据innerwidth属性加载不同的javascript。
What I have done: 我做了什么:
I load two different javascripts in hiddenfields, and depending on the innerwidth, I show either one with the div.html() command. 我在hiddenfields中加载了两种不同的javascript,并且根据内部宽度,我使用div.html()命令显示了其中一种。 However, this gives the "potentially dangerous request.form" error when the user submits a post (ASP.NET defence of XSS), as the content loaded has dangerious characthers, which makes sense.
但是,当用户提交帖子(XSS的ASP.NET防御)时,这会产生“潜在危险的request.form”错误,因为加载的内容具有危险的特征,这是有道理的。
I could say "ValidateRequest=false" on all pages, but that's a horrible solution which would open a lot of security problems. 我可以在所有页面上说“ ValidateRequest = false”,但这是一个可怕的解决方案,将带来很多安全问题。
My thoughts... 我的想法...
The best way would be to load the ads from the server-side, but we don't know the browser width here. 最好的方法是从服务器端加载广告,但是我们不知道这里的浏览器宽度。 From what I've been able to read, it seems hard / impossible to get the innerwidth value at page_load.
根据我的理解,似乎很难/不可能在page_load中获取innerwidth值。
But I would like to load my ads without making a potentially dangerious request. 但是,我希望在不提出潜在危险请求的情况下加载广告。
Any ideas on how to solve this? 关于如何解决这个问题的任何想法?
The solution I ended up with, was to set the HTML of to invisible divs, DivA and DivB, at Page_Load. 我最终得到的解决方案是在Page_Load处将HTML的HTML设置为不可见的div,DivA和DivB。
Then, in JavaScript, depending on the innerwidth property (and on the resize event), I could set the divs to visible/invisible. 然后,在JavaScript中,根据innerwidth属性(以及resize事件),我可以将div设置为可见/不可见。
Very simple solution, compared to what I was trying to do. 与我尝试做的相比,非常简单的解决方案。 Yes, it gives a little bit more rendered HTML, but at least it works and it's fast.
是的,它提供了更多呈现的HTML,但至少它可以运行而且速度很快。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.