override Request.QueryString

2019-08-03 16:52发布

站内文章 / C#
79 0 0

问题:

Hello fellow seasoned developers!

I was wondering if it were possible to override the .Net Request.QueryString object somehow? It would be really nice if this could be done without having to create my own HTTP module as well.

I have been tasked with RSA(1024) encrypting all the querystrings in my application. However, the application is already built and there's a LOT of places where querystrings are being set so ideally i would like to make a global change that would decrypt the query and place it in the normal Request.QueryString so as to not have to change my code everywhere, and maybe pass it along to other devs within my team and they also don't have to change their code.

Now, I already built the encryption object and use the SessionID for salts to make the keys unique per session. I have also tried intercepting the HTTP request in Global.asax so as to rewrite the request path with the decrypted query, however, that was a bust as any postbacks being performed on those pages put the decrypted querystring back into the POST, which i obviously don't want.

So now i'm at a stage where i would like instead of re-writing the path, to intercept or override the Request.QueryString object on a global level and use my decryption methods there whenever a call to this[key] is placed, and thus again, not having to stop using Request.QueryString. However, after hours of searching on the web, i could not find a single example on how to do this...

If anyone could help me out with this i would be most grateful!

回答1:

I think the easiest way to accomplish this is to use an Extension Method. Perhaps something like this:

    class Program 
{
    static void Main() 
    {
        var decryptedValue = HttpContext.Current.Request.DecryptQueryStringParam("myParam");
    }
}

public static class HttpRequestExtensions 
{
    public static string DecryptQueryStringParam(this HttpRequest extendee, string name)
    {
        // do stuff to decrypt
        return DecryptMethodStub(extendee.QueryString[name]);
    }

    private string DecryptMethodStub(string queryString)
    {
        return "something decrypted the string";
    }
}

Please note that the Program class above is for illustrative purposes only... in reality you would call Request.{ExtensionMethod} within the body of a asp.net web forms page or an MVC controller which already provide direct access to the HttpRequest object through the Request property.

here is some information about extensions:

http://msdn.microsoft.com/en-us/library/bb383977.aspx



标签: c# .net overriding request.querystring
举报

收藏的人(0)

Ta的文章 更多文章
登录 后发表评论
0条评论
还没有人评论过~