stackoom
  简体   繁体   中英

In ASP.NET MVC how to make sure a variable dont get any value from client

 原文  2014-12-17 10:47:11       asp.net/ asp.net-mvc

Question

In a model of ASP.NET MVC application, how can we make sure that a particular parameter (ie a property) doesnot accept any value from the client.plese note, though we can simply not show any control like textbox or combobox for it , but a hacker kind of a person can send the values from http interceptor like webscrape etc.

so is there data annotation or so for it.

2 answers

solution1
 0  2014-12-17 10:54:12

I would go with an ActionFilter that clears form parameter before it's processed by controller.

sth like this:

public sealed class ClearValueActionFilter : ActionFilterAttribute
{    
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            filterContext.RequestContext.HttpContext.Request.Form.Remove([attribute name]);
        }
}

solution2
 0  2014-12-17 10:58:12

In you controller action method you can use Bind attribute to exclude a property you want:

public ActionResult Create([Bind(Exclude="Property)]Model model)
{
 ....
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to get value from Asp.Net Mvc Form How to get selected value from radiobuttonfor in ASP.NET MVC How to get value of application variable in JavaScript from asp.net? How to get the client ip address in asp.net mvc? Get Client Value Back from ASP.Net Custom Control Get a default NULL value from DropDownList in ASP.NET MVC ASP.NET MVC 4 get value from IQueryable ASP.NET MVC - Get parameter value from URL in the view Need to get value from DropDownListFor asp.net mvc Need to get the Value from URL asp.net mvc 5
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM