Ter*_*hos 6 c# cookies asp.net-mvc jquery
我正在使用cookie在搜索页面中显示一些数据,但是当使用Unicode字符时,我的cookie会使值变得混乱.例如,当我存储时Inglês,我在Inglês读回来时会收到.
这就是我保存cookie的方式:
public void SalvaValue(string sessionKey, string sessionValue)
{
Response.Cookies.Add(new HttpCookie(sessionKey));
var httpCookie = Response.Cookies[sessionKey];
if (httpCookie != null) httpCookie.Value = sessionValue;
if (httpCookie != null) httpCookie.Expires = DateTime.Now.AddDays(14);
}
这是我检索它的方式:
if (Request.Cookies["BuscaTipo"] != null)
{
tipoBusca = Request.Cookies["BuscaTipo"].Value.ToString();
var cookie = new HttpCookie("BuscaTipo") { Expires = DateTime.Now.AddDays(-1) };
Response.Cookies.Add(cookie);
}
当我调试站点时,它在设置时在代码中显示正确的值,但在我使用jQuery执行请求后,该值会出现错误的字符.
如何在cookie中安全地存储Unicode字符?
请参阅如何在cookie中存储其他语言(unicode)并重新获取它,Unicode Cookie Value,如何使用HTTP标头发送非英语unicode字符串?和Cookie中的允许字符,以解释为什么需要编码cookie值.
简而言之:大多数浏览器都支持标题中的Unicode字符(发送cookie),但不是全部.有些浏览器将Unicode字节解释为ASCII,从而产生Mojibake.
jQuery似乎也根据一些链接问题发挥作用,但我无法重现.
因此,要在所有浏览器中安全地存储Unicode字符(或者更确切地说是任何非ASCII或控制字符),您需要对字符进行编码.这可以通过例如base64和percent-encoding来实现.
后者的实现,略微改编自Cookies和Unicode字符:
public static class CookieExtensions
{
public static string DecodedValue(this HttpCookie cookie)
{
if (cookie == null)
{
throw new ArgumentNullException("cookie");
}
return HttpUtility.UrlDecode(cookie.Value);
}
public static void SetEncodedValue(this HttpCookie cookie, string value)
{
if (cookie == null)
{
throw new ArgumentNullException("cookie");
}
cookie.Value = HttpUtility.UrlEncode(value);
}
public static string DecodedValues(this HttpCookie cookie, string name)
{
if (cookie == null)
{
throw new ArgumentNullException("cookie");
}
return HttpUtility.UrlDecode(cookie.Values[name]);
}
public static void SetEncodedValues(this HttpCookie cookie, string name, string value)
{
if (cookie == null)
{
throw new ArgumentNullException("cookie");
}
cookie.Values[name] = HttpUtility.UrlEncode(value);
}
public static string DecodedValues(this HttpCookie cookie, int index)
{
if (cookie == null)
{
throw new ArgumentNullException("cookie");
}
return HttpUtility.UrlDecode(cookie.Values[index]);
}
}
用法:
if (Request.Cookies["TestCookieValue"] != null)
{
ViewBag.CookieValue = Request.Cookies["TestCookieValue"].DecodedValue();
}
if (Request.Cookies["TestCookieValues"] != null)
{
ViewBag.CookieValues = Request.Cookies["TestCookieValues"].DecodedValues("foo");
ViewBag.CookieValuesIndexed = Request.Cookies["TestCookieValues"].DecodedValues(0);
}
var cookieWithValue = new HttpCookie("TestCookieValue");
cookieWithValue.Expires = DateTime.Now.AddHours(1);
cookieWithValue.SetEncodedValue("Inglês");
Response.SetCookie(cookieWithValue);
var cookieWithValues = new HttpCookie("TestCookieValues");
cookieWithValues.Expires = DateTime.Now.AddHours(1);
cookieWithValues.SetEncodedValues("foo", "Inglês");
Response.SetCookie(cookieWithValues);
请注意HttpUtility.UrlDecode()是危险的,使用AntiXSS来防止cookie值的跨站点脚本和SQL注入,这可以由客户端任意设置.
您也可能会重新考虑在cookie中存储Unicode值.您可以轻松地识别该语言,例如通过代码en-US或其数据库索引(如果适用).
| 归档时间: |
|
| 查看次数: |
6588 次 |
| 最近记录: |