ASP.NET Params Collection与QueryString，Forms与Request [“ index”]和Double Decoding

最新推荐文章于 2024-04-30 11:11:45 发布

cunfuxiao7305

最新推荐文章于 2024-04-30 11:11:45 发布

阅读量74

点赞数

文章标签：字符串 python java js spring ViewUI

原文链接：https://www.hanselman.com/blog/aspnet-params-collection-vs-querystring-forms-vs-requestindex-and-double-decoding

版权

In ASP.NET you can yank a value out of the QueryString like this, where QueryString is of type NameValueCollection but is internally an HttpValueCollection that includes some extra helper methods.

在ASP.NET中，您可以像这样从QueryString中提取一个值，其中QueryString是NameValueCollection类型，但在内部是HttpValueCollection，其中包括一些额外的帮助程序方法。

string foo = Request.QueryString["foo"];

 string foo = Request.QueryString["foo"];

But you can also go like this:

但是您也可以像这样去：

string foo = Request["foo"];

And folks know (passed through myth and legend) that the line above will search through the QueryString, Form, Cookies, and ServerVariables collections. However, it's important (for performance) to know what order the collections are searched. Here's the code from Reflector:

人们知道(经过神话和传说)，上面的行将搜索QueryString，Form，Cookie和ServerVariables集合。但是，(对于性能而言)了解集合的搜索顺序很重要。这是Reflector的代码：

    2 {
2 {
    3     string text1 = this.QueryString[key];
3个字符串text1 =此.QueryString [key];
    4     if (text1 != null)
4 if (text1！= null )
    5     {
5 {
    6         return text1;
6返回text1;
    7     }
7 }
    8     text1 = this.Form[key];
8个text1 =此.Form [key];
    9     if (text1 != null)
9 if (text1！= null )
   10     {
10 {
   11         return text1;
11返回text1;
   12     }
12 }
   13     HttpCookie cookie1 = this.Cookies[key];
13 HttpCookie cookie1 =此.Cookies [key];
   14     if (cookie1 != null)
14 if (cookie1！= null )
   15     {
15 {
   16         return cookie1.Value;
16返回cookie1.Value;
   17     }
17 }
   18     text1 = this.ServerVariables[key];
18 text1 =此.ServerVariables [key];
   19     if (text1 != null)
19 if (text1！= null )
   20     {
20 {
   21         return text1;
21返回text1;
   22     }
22 }
   23     return null;
23返回null ;
   24 }
24 }

So you can see what order things are searched in. However, personally, I don't like this default Item indexer. I prefer to be more explicit. I'd hate to accidentally retrieve a Cookie because a QueryString variable was missing. It's always better to be explicit and ask for what you want.

因此，您可以看到搜索的顺序是什么。但是，就我个人而言，我不喜欢这种默认的Item indexer。我宁愿更明确。我不希望因为缺少QueryString变量而意外检索Cookie。明确要问自己想要什么总是更好。

Interestingly, there is ANOTHER collection of QueryString, Form, Cookies, and ServerVariables, but rather than a "pseudo-collection" as we see above, this is an actual combined collection.

有趣的是，还有一个QueryString，Form，Cookie和ServerVariables的另一个集合，但它不是实际的组合集合，而不是我们上面看到的“伪集合”。

  432 public NameValueCollection Params
  433 {
  434     get
  435     {
  436         InternalSecurityPermissions.AspNetHostingPermissionLevelLow.Demand();
  437         if (this._params == null)
  438         {
  439             this._params = new HttpValueCollection();
  440             this.FillInParamsCollection();
  441             this._params.MakeReadOnly();
  442         }
  443         return this._params;
  444     }
  445 }
  446  
  447 private void FillInParamsCollection()
  448 {
  449     this._params.Add(this.QueryString);
  450     this._params.Add(this.Form);
  451     this._params.Add(this.Cookies);
  452     this._params.Add(this.ServerVariables);
  453 }
  454

The internal collection "_params" inside is a special derived NameValueCollection of type HttpValueCollection, and is exposed as NameValueCollection.

内部的内部集合“ _params”是类型为HttpValueCollection的特殊派生的NameValueCollection，并作为NameValueCollection公开。

Important Note: The constructor for HttpRequest will parse the actual string QueryString and UrlDecode the values for you. Be careful not to DOUBLE DECODE. Know what's encoded, when, and who does the decoding. Likely it's not you that needs to do anything. If you double decode you can get into some weird situations. Ben Suter reminded me that if you pass in /somepage.aspx?someParam=A%2bB you expect to get "A+B" as that param is the equivalent of HttpUtility.UrlEncode("A+B"). But, if you make a mistake and do HttpUtility.UrlDecode(Request.Params("someParam")), you'll get "A B" as the + was double-decoded as a space.

重要说明： HttpRequest的构造函数将为您解析实际的字符串QueryString和UrlDecode的值。注意不要双重解码。知道编码的内容，时间以及解码的人。可能不需要您做任何事情。如果您进行双重解码，则可能会遇到一些奇怪的情况。 Ben Suter提醒我，如果传入/somepage.aspx?someParam=A%2bB，则期望得到“ A + B”，因为该参数等效于HttpUtility.UrlEncode(“ A + B”)。但是，如果您犯了一个错误并执行HttpUtility.UrlDecode(Request.Params(“ someParam”))，则会收到“ AB”，因为+被双解码为空格。

Here's the trick though. If you have BOTH a QueryString parameter "Foo=Bar1" AND a Forms item called "Foo=Bar2" if you say string foo = Request.Params["Foo"]; you'll get a string back "Bar1,Bar2"! It's a collection, not a HashTable. So, never make assumptions when you use HttpRequest.Params, or you will get in trouble. If there's a chance you could get multiple values back, you need to consider using an explicit collection or be smart about your string.Split() code.

这是窍门。如果您同时拥有QueryString参数“ Foo = Bar1”和一个名为“ Foo = Bar2”的Forms项(如果您说字符串foo = Request.Params [“ Foo”]; 您将获得一个字符串“ Bar1，Bar2”！这是一个集合，而不是HashTable。因此，在使用HttpRequest.Params时切勿做任何假设，否则会遇到麻烦。如果有机会获得多个值，则需要考虑使用显式集合或对string.Split()代码有所了解。

翻译自: https://www.hanselman.com/blog/aspnet-params-collection-vs-querystring-forms-vs-requestindex-and-double-decoding

cunfuxiao7305

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
ASP.NET Params Collection与QueryString，Forms与Request [“ index”]和Double Decoding

In ASP.NET you can yank a value out of the QueryString like this, where QueryString is of type NameValueCollection but is internally an HttpValueCollection that includes some extra helper methods.在ASP...
复制链接

扫一扫