使用隐藏字段重定向到另一个网站

huangapple
go评论83阅读模式
英文:

Using Hidden Fields When Redirecting to Another Website

问题

使用C# Web Forms,我尝试在从网站A重定向到网站B(同一域,两个网站都使用Forms身份验证进行密码保护)的过程中使用隐藏字段。我尝试了不同的方法,但到目前为止,我无法从网站B登录代码后的Request.Form NameValueCollection中提取隐藏字段的值,在尝试访问请求表单键时出现了空引用异常。

网站A:

<asp:LinkButton ID="redirectLink" runat="server" OnClick="RedirectLink_Click"
OnClientClick="window.document.forms[0].target='_blank';">New Page - Website B
</asp:LinkButton>

Response.Clear();
StringBuilder sb = new StringBuilder();

sb.Append("<html>");
sb.Append("<body onload='submitForm()'>");
sb.AppendFormat("<form id='customForm' action='{0}' method='post'>", url + "/newpage.aspx?redirectPage=NewPage_Redirect");
sb.AppendFormat("<input type='hidden' name='Val1' value='{0}' id='Val1'>", Uri.EscapeDataString(value1));
sb.AppendFormat("<input type='hidden' name='Val2' value='{0}' id='Val2'>", Uri.EscapeDataString(value2));
sb.Append("</form>");
sb.Append("<script>");
sb.Append("function submitForm() {");
sb.Append("document.getElementById('customForm').submit();");
sb.Append("}");
sb.Append("</script>");
sb.Append("</body>");
sb.Append("</html>");
Response.Write(sb.ToString());
HttpContext.Current.ApplicationInstance.CompleteRequest();

网站B Page_Load:

if ((Request.QueryString["redirectPage"] != null)          
    && (Request.QueryString["redirectPage"].ToString() == "NewPage_Redirect"))
{
    Response.Write(Request.Form["Val1"].ToString()); // NULL REFERENCE EXCEPTION
    Response.Write(Request.Form["Val2"].ToString());
}

我漏掉了什么?

更新1:

网站A:

这是我在VS 2022中看到的HTML:

<html>
<body onload='submitForm()'>
<form id='customForm' action='https://websiteB.com/newpage.aspx?redirectPage=NewPage_Redirect' method='post'>
    <input type='hidden' name='Val1' value='abc123' id='Val1'>
    <input type='hidden' name='Val2' value='def456' id='Val2'>
</form>
<script>
    function submitForm() 
    {
        document.getElementById('customForm').submit();
    }
</script>
</body>
</html>

网站B Page_Load:

当我将网站B上的Response.Write(Request.Form["Val1"].ToString())更改为Response.Write(Request.Form["Val1"])时,我不再收到空引用异常。因此,我用以下内容替换了网站B上的测试代码,它显示键的长度为0:

string[] keys = Request.Form.AllKeys;
Response.Write(keys.Length.ToString()); //显示0

更新2:

使用浏览器工具,似乎代码中创建的HTML不会出现在生成的HTML中。我开始怀疑这可能类似于我12年前处理过的问题,即ASP.NET Web Forms不允许嵌套表单。仍在调查中。

更新3:

我忘了提到我在ASPX页面上使用了LinkButton - 以上的代码片段已经更新。

英文:

Using C# Web Forms, I am attempting to use hidden fields as part of a redirect from website A to website B (same domain, both sites password protected using Forms Authentication). I have tried different approaches, but so far am unable to extract the hidden field values from the Request.Form NameValueCollection in the website B Login code-behind, and am getting a null reference exception when trying to access the request form key.

Website A:

<asp:LinkButton ID="redirectLink" runat="server" OnClick="RedirectLink_Click"
OnClientClick="window.document.forms[0].target='_blank';">New Page - Website B
</asp:LinkButton>

Response.Clear();
StringBuilder sb = new StringBuilder();

sb.Append("<html>");
sb.Append("<body onload='submitForm()'>");
sb.AppendFormat("<form id='customForm' action='{0}' method='post'>", url + "/newpage.aspx?redirectPage=NewPage_Redirect");
sb.AppendFormat("<input type='hidden' name='Val1' value='{0}' id='Val1'>", Uri.EscapeDataString(value1));
sb.AppendFormat("<input type='hidden' name='Val2' value='{0}' id='Val2'>", Uri.EscapeDataString(value2));
sb.Append("</form>");
sb.Append("<script>");
sb.Append("function submitForm() {");
sb.Append("document.getElementById('customForm').submit();");
sb.Append("}");
sb.Append("</script>");
sb.Append("</body>");
sb.Append("</html>");
Response.Write(sb.ToString());
HttpContext.Current.ApplicationInstance.CompleteRequest();

Website B Page_Load:

if ((Request.QueryString["redirectPage"] != null)          
    && (Request.QueryString["redirectPage"].ToString() == "NewPage_Redirect"))
{
    Response.Write(Request.Form["Val1"].ToString()); // NULL REFERENCE EXCEPTION
    Response.Write(Request.Form["Val2"].ToString());
}

What am I missing?

UPDATE 1

Website A:

This is the HTML I see in VS 2022:

<html>
<body onload='submitForm()'>
<form id='customForm' action='https://websiteB.com/newpage.aspx?redirectPage=NewPage_Redirect' method='post'>
	<input type='hidden' name='Val1' value='abc123' id='Val1'>
	<input type='hidden' name='Val2' value='def456' id='Val2'>
</form>
<script>
	function submitForm() 
	{
		document.getElementById('customForm').submit();
	}
</script>
</body>
</html>

Website B Page_Load:

When I changed Response.Write(Request.Form["Val1"].ToString()) on website B to Response.Write(Request.Form["Val1"]), I no longer got the null reference exception. So, I replaced the test code on website B with the following which displays 0 for the length of keys:

string[] keys = Request.Form.AllKeys;
Response.Write(keys.Length.ToString()); //Displays 0

UPDATE 2:

Using browser tools, it seems the HTML being created in code is not appearing in the generated HTML. I'm starting to suspect this may be like an issue I dealt with 12 years ago, where ASP.NET Web Forms does not allow nested forms. Still investigating.

UPDATE 3

I forgot to mention I'm using a LinkButton on the ASPX page - code snippet above has been updated.

答案1

得分: 1

问题在于您实际上没有提交 Website A 上的表单。您只是生成了表单的 HTML,然后将其显示出来。这意味着隐藏字段实际上并未发送到 Website B。

要解决这个问题,您需要实际提交表单。您可以通过将以下代码添加到 RedirectLink_Click 事件处理程序中来实现这一点:

// 创建表单对象。
Form form = new Form();

// 向表单添加隐藏字段。
form.AddHiddenField("Val1", value1);
form.AddHiddenField("Val2", value2);

// 提交表单。
form.Submit();

这将实际提交表单,并将隐藏字段发送到 Website B。

一旦表单被提交,您可以在 Website B 的 Page_Load 事件处理程序中访问隐藏字段的值。以下代码将显示如何执行此操作:

string val1 = Request.Form["Val1"];
string val2 = Request.Form["Val2"];

// 使用隐藏字段的值执行某些操作。

此代码将获取隐藏字段的值并将其存储在变量 val1 和 val2 中。然后,您可以对这些值执行一些操作,例如在页面上显示它们或将它们存储在数据库中。

英文:

The problem is that you are not actually submitting the form on Website A. You are just generating the HTML for the form and then displaying it. This means that the hidden fields are not actually being sent to Website B.

To fix this, you need to actually submit the form. You can do this by adding the following code to the RedirectLink_Click event handler:

// Create the form object.
Form form = new Form();

// Add the hidden fields to the form.
form.AddHiddenField("Val1", value1);
form.AddHiddenField("Val2", value2);

// Submit the form.
form.Submit();

This will actually submit the form, and the hidden fields will be sent to Website B.

Once the form is submitted, you can then access the hidden field values in the Page_Load event handler on Website B. The following code will show you how to do this:

string val1 = Request.Form["Val1"];
string val2 = Request.Form["Val2"];

// Do something with the hidden field values.

This code will get the values of the hidden fields and store them in the variables val1 and val2. You can then do something with these values, such as displaying them on the page or storing them in a database.

huangapple
  • 本文由 发表于 2023年7月28日 04:04:28
  • 转载请务必保留本文链接:https://go.coder-hub.com/76783074.html
  • asp.net
  • forms-authentication
  • http
  • redirect
  • webforms
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定