例如我们将一个地址"showpost.aspx?postid=1000"重写为"posts/1000.aspx",如果这个页面中有个表单(form),那么输出到浏览器的HTML中,这个表单的action属性为<form action="showpost.aspx?postid=1000">而不是我们期望的<form action="1000.aspx">,这样就会暴露我们的真实地址,而且感觉也不爽。
我们可以通过自定义页面基类,重写默认的HtmlTextWriter方法,重写属性输出WriteAttribute(string name, string value, bool encode)方法,当输出action时,将action属性的值强制转换为当前虚URL(HttpContext.Current.Request.RawUrl,上面的1000.aspx)
最后就是让所有的页面都调用这个基类,修改一下Web.config就好了
<!-- Openlab.Controls.OLPage为页面基类,Openlab.Controls为基类所在dll -->
<pages pageBaseType="Openlab.Controls.OLPage, Openlab.Controls"/>
附页面基类完整代码(参考CS代码完成):
using
System;
using
System.IO;
using
System.Web;
using
System.Web.UI; ![None.gif](http://blog.joycode.com/images/OutliningIndicators/None.gif)
namespace
Openlab.Controls ![ExpandedBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedBlockStart.gif)
...
{ ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
/**//// <summary>
/// 页面基类
/// </summary>
public class OLPage : Page ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{
public OLPage() ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{
} ![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
![ContractedSubBlock.gif](http://blog.joycode.com/images/OutliningIndicators/ContractedSubBlock.gif)
Render#region Render ![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
/**//// <summary>
/// 重写默认的HtmlTextWriter方法,修改form标记中的value属性,使其值为重写的URL而不是真实URL。
/// </summary>
/// <param name="writer"></param>
protected override void Render(HtmlTextWriter writer) ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{ ![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
if (writer is System.Web.UI.Html32TextWriter) ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{
writer = new FormFixerHtml32TextWriter(writer.InnerWriter);
}
else ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{
writer = new FormFixerHtmlTextWriter(writer.InnerWriter);
} ![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
base.Render(writer);
}
#endregion ![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
} ![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
![ContractedSubBlock.gif](http://blog.joycode.com/images/OutliningIndicators/ContractedSubBlock.gif)
FormFixers#region FormFixers ![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
![ContractedSubBlock.gif](http://blog.joycode.com/images/OutliningIndicators/ContractedSubBlock.gif)
FormFixerHtml32TextWriter#region FormFixerHtml32TextWriter
internal class FormFixerHtml32TextWriter : System.Web.UI.Html32TextWriter ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{
private string _url; // 假的URL
internal FormFixerHtml32TextWriter(TextWriter writer):base(writer) ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{
_url = HttpContext.Current.Request.RawUrl;
} ![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
public override void WriteAttribute(string name, string value, bool encode) ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{
// 如果当前输出的属性为form标记的action属性,则将其值替换为重写后的虚假URL
if (_url != null && string.Compare(name, "action", true) == 0) ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{
value = _url;
}
base.WriteAttribute(name, value, encode);
}
}
#endregion ![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
![ContractedSubBlock.gif](http://blog.joycode.com/images/OutliningIndicators/ContractedSubBlock.gif)
FormFixerHtmlTextWriter#region FormFixerHtmlTextWriter
internal class FormFixerHtmlTextWriter : System.Web.UI.HtmlTextWriter ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{
private string _url;
internal FormFixerHtmlTextWriter(TextWriter writer):base(writer) ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{
_url = HttpContext.Current.Request.RawUrl;
} ![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
public override void WriteAttribute(string name, string value, bool encode) ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{
if (_url != null && string.Compare(name, "action", true) == 0) ![ExpandedSubBlockStart.gif](http://blog.joycode.com/images/OutliningIndicators/ExpandedSubBlockStart.gif)
...{
value = _url;
} ![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
base.WriteAttribute(name, value, encode);
}
}
#endregion ![InBlock.gif](http://blog.joycode.com/images/OutliningIndicators/InBlock.gif)
#endregion
}