获取.NET Framework中的每个传入HTTP请求。

huangapple go评论67阅读模式
英文:

Get every incoming http request in .net framework

问题

I need to check every incoming http request in .net framework and decrypt data if needed.
How can I do it?
I know that in .net core it's done with middleware but how is it done in .net framework?

我需要检查.NET Framework中的每个传入HTTP请求,并在需要时解密数据。
我该如何做?
我知道在.NET Core中可以使用中间件来实现,但在.NET Framework中该如何实现呢?

I saw this code, in using http handler but i need more info:

我看到这段代码,使用了HTTP处理程序,但我需要更多信息:

英文:

I need to check every incoming http request in .net framework and decrypt data if needed.
How can I do it?
I know that in .net core it's done with middleware but how is it done in .net framework?

I saw this code, in using http handler but i need more info:

public void ProcessRequest(HttpContext context)  
    {  
        HttpRequest request = context.Request;  
        HttpResponse response = context.Response;  
  
        string imageURL = null;  
        // Perform a case-insensitive comparison.  
        if (request.UrlReferrer != null)  
        {   
            if(String.Compare(request.Url.Host,             request.UrlReferrer.Host,true,CultureInfo.InvariantCulture) ==0)  
            {  
                // The requesting host is correct.  
                // Allow the image (if it exists).  
                imageURL = request.PhysicalPath;  
                if (!File.Exists(imageURL))  
                {  
                    response.Status = "Image Not Found";  
                    response.StatusCode = 404;  
                }  
                else  
                {   
                }  
            }  
        }  

答案1

得分: 0

提供的代码似乎是HTTP处理程序中的一个方法。通常情况下,HTTP处理程序是在.NET Framework中从IHttpHandler接口派生的类中定义的。您可以创建自己的HTTP模块,如下所示,并在Web.config文件中映射此模块:

public class SecurityModule : IHttpModule
{
    public void Init(HttpApplication app)
    {
        //在这里,您可以注册任何事件,例如BeginRequest或AuthenticateRequest或PostAuthenticateRequest
        app.PostAuthenticateRequest += OnPostAuthenticateRequest;
    }

    public void Dispose()
    {
    }

    private static void OnPostAuthenticateRequest(object source, EventArgs eventArgs)
    {
        // 检查请求是否包含加密密钥
        var request = HttpContext.Current.Request;
        if (request.Headers.ContainsKey("Encryption-Key"))
        {
            // 解密请求体
            var requestBody = Encryption.Decrypt(request.Body.ToString(), request.Headers["Encryption-Key"]);
            request.Body = requestBody;
        }
    
        // 在这里,您可以编写要在PostAuthenticationEvent上执行的代码
        HttpContext.Current.Response.Write("执行后身份验证代码..." + "<br/>\r\n");
   }
}

上面的代码首先检查传入的HTTP请求是否在其标头中包含加密密钥。如果包含,则使用Encryption.Decrypt()方法解密请求体,并将解密后的内容设置为请求体属性以查看解密后的数据。然后,解密后的请求会传递到管道中的下一个步骤。另外,OnPostAuthenticateRequest方法提供了机会,可以放置任何其他需要处理传入请求的代码,例如修改标头或检查请求数据。这样,您的SecurityModule将在接收到HTTP请求时执行其OnPostAuthenticateRequest方法,该方法应包含所提供的代码。不要忘记在Web.config文件中注册您的模块。希望对您有所帮助 获取.NET Framework中的每个传入HTTP请求。

英文:

The provided code appears to be a method within an HTTP handler. Typically, HTTP handlers are defined in classes that derive from the IHttpHandler interface in .NET Framework. You can create your own HTTP module, as shown below, and map this module in your Web.config file:

public class SecurityModule : IHttpModule
{
    public void Init(HttpApplication app)
    {
        //Here you can register for any events, like BeginRequest or 
        AuthenticateRequest or PostAuthenticateRequest
        app.PostAuthenticateRequest += OnPostAuthenticateRequest;
    }

    public void Dispose()
    {
    }

    private static void OnPostAuthenticateRequest(object source, EventArgs eventArgs)
    {
        // Check if request contains encryption-key
        var request = HttpContext.Current.Request;
        if (request.Headers.ContainsKey(&quot;Encryption-Key&quot;))
        {
            // Decrypt request body
            var requestBody = Encryption.Decrypt(request.Body.ToString(), request.Headers[&quot;Encryption-Key&quot;]);
            request.Body = requestBody;
        }
    
        // Here you can write code to be executed on PostAuthenticationEvent
        HttpContext.Current.Response.Write(&quot;Executing post authentication code...&quot; + &quot;&lt;br/&gt;\r\n&quot;);
   }
}

The code above first checks if the incoming HTTP request contains an encryption key in its headers. If it does contain one, then it decrypts the request body using the Encryption.Decrypt() method and sets the decrypted content to the request body property to view the decrypted data. The decrypted request is then passed onto the next step in the pipeline.
In addition, the OnPostAuthenticateRequest method provides opportunity to place any other code you may need to handle the incoming request, as required, such as modifying headers or checking the request data.

This way, your SecurityModule will execute its OnPostAuthenticateRequest method, which should contain the provided code, whenever an HTTP request is received. Don't forget to register your module in the Web.config file.

Hope this helps 获取.NET Framework中的每个传入HTTP请求。

huangapple
  • 本文由 发表于 2023年6月6日 04:19:21
  • 转载请务必保留本文链接:https://go.coder-hub.com/76409739.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定