[英]How can I convert password string to Base64 string before sending form to backend?
我有一個樣本注冊表單,它在大多數情況下都能正常工作,但是當我嘗試使用密碼“U8 $&#6G#CBj”注冊新用戶時,我得到一個例外“從一個潛在危險的Request.Form值被檢測到客戶端“我的想法是在將密碼發送到后端之前將密碼轉換為Base64格式,然后在后端將密碼轉換回來。 我該怎么做?
@using (Html.BeginForm("Login", "Account", new { ReturnUrl = ViewBag.ReturnUrl }, FormMethod.Post, new { @class = "form-horizontal", role = "form" }))
{
@Html.AntiForgeryToken()
<h4>Use a local account to log in.</h4>
<hr />
@Html.ValidationSummary(true, "", new { @class = "text-danger" })
<div class="form-group">
@Html.LabelFor(m => m.Email, new { @class = "col-md-2 control-label" })
<div class="col-md-10">
@Html.TextBoxFor(m => m.Email, new { @class = "form-control" })
@Html.ValidationMessageFor(m => m.Email, "", new { @class = "text-danger" })
</div>
</div>
<div class="form-group">
@Html.LabelFor(m => m.Password, new { @class = "col-md-2 control-label" })
<div class="col-md-10">
@Html.PasswordFor(m => m.Password, new { @class = "form-control" })
@Html.ValidationMessageFor(m => m.Password, "", new { @class = "text-danger" })
</div>
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<div class="checkbox">
@Html.CheckBoxFor(m => m.RememberMe)
@Html.LabelFor(m => m.RememberMe)
</div>
</div>
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<input type="submit" value="Log in" class="btn btn-default" />
</div>
</div>
<p>
@Html.ActionLink("Register as a new user", "Register")
</p>
@* Enable this once you have account confirmation enabled for password reset functionality *@
<p>
@Html.ActionLink("Forgot your password?", "ForgotPassword")
</p>
}
在Alexei Levenkov的前端部分和Vidhyadhar Galande的后端的幫助下我解決了我的問題,這里是代碼:on View to form我在提交事件上添加了這個javascript函數
function encode(){
$('#Password').val(btoa($('#Password').val()));
$('#ConfirmPassword').val(btoa($('#ConfirmPassword').val()));
}
並在后端解碼字符串:
private string DecodeFromBase64(string inputBas64)
{
var base64EncodedBytesPassword = System.Convert.FromBase64String(model.Password);
string password = System.Text.Encoding.UTF8.GetString(base64EncodedBytesPassword);
return password;
}
嘗試這個
1)base64(編碼/解碼)
public static string base64Encode(string sData) // Encode
{
try
{
byte[] encData_byte = new byte[sData.Length];
encData_byte = System.Text.Encoding.UTF8.GetBytes(sData);
string encodedData = Convert.ToBase64String(encData_byte);
return encodedData;
}
catch (Exception ex)
{
throw new Exception("Error in base64Encode" + ex.Message);
}
}
public static string base64Decode(string sData) //Decode
{
try
{
var encoder = new System.Text.UTF8Encoding();
System.Text.Decoder utf8Decode = encoder.GetDecoder();
byte[] todecodeByte = Convert.FromBase64String(sData);
int charCount = utf8Decode.GetCharCount(todecodeByte, 0, todecodeByte.Length);
[] decodedChar = new char[charCount];
utf8Decode.GetChars(todecodeByte, 0, todecodeByte.Length, decodedChar, 0);
string result = new String(decodedChar);
return result;
}
catch (Exception ex)
{
throw new Exception("Error in base64Decode" + ex.Message);
}
}
2)EncodePasswordMd5
public static string EncodePassword(string pass, string salt) //encrypt password
{
byte[] bytes = Encoding.Unicode.GetBytes(pass);
byte[] src = Encoding.Unicode.GetBytes(salt);
byte[] dst = new byte[src.Length + bytes.Length];
System.Buffer.BlockCopy(src, 0, dst, 0, src.Length);
System.Buffer.BlockCopy(bytes, 0, dst, src.Length, bytes.Length);
HashAlgorithm algorithm = HashAlgorithm.Create("SHA1");
byte[] inArray = algorithm.ComputeHash(dst);
//return Convert.ToBase64String(inArray);
return EncodePasswordMd5(Convert.ToBase64String(inArray));
}
public static string EncodePasswordMd5(string pass) //Encrypt using MD5
{
Byte[] originalBytes;
Byte[] encodedBytes;
MD5 md5;
//Instantiate MD5CryptoServiceProvider, get bytes for original password and compute hash (encoded password)
md5 = new MD5CryptoServiceProvider();
originalBytes = ASCIIEncoding.Default.GetBytes(pass);
encodedBytes = md5.ComputeHash(originalBytes);
//Convert encoded bytes back to a 'readable' string
return BitConverter.ToString(encodedBytes);
}
@Using Namespace
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;
using System.Web;
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.