提问人:Jagan T 提问时间:1/6/2020 最后编辑:Jagan T 更新时间:1/7/2020 访问量:682
有没有办法以编程方式更改 webmethod 参数?
Is there is any way to change the webmethod parameter programatically?
问:
在执行之前,需要操作 asp.net Web 服务 Web 方法输入。
例如:
我有一个叫做 .现在,我调用这个 Web 方法,输入值为“Jagan drop table”,但我需要将值更改为“Jagan”,然后将其传递给相应的 Web 方法。web1(string inp1)inp1inp1
我不想在每个 Web 方法中替换它,而是在公共位置(如通用函数或类)替换它。
答:
0赞
oleksa
1/6/2020
#1
您是否正在尝试处理 SQL 注入?只需在构建查询时使用 sql 参数即可避免这种情况。
我不认为这是在没有通知的情况下从传入参数中删除某些内容的好方法。最好检查sql注入,如果发现错误,则引发错误。
如果您正在寻找检查所有传入参数的方法,则可以使用 ASP.NET 中间件。 喜欢
public class SampleMiddleware
{
private readonly RequestDelegate _next;
public SampleMiddleware(RequestDelegate next)
{
_next = next;
}
public async Task InvokeAsync(HttpContext httpContext)
{
//you can have access for
httpContext.Request.Query
httpContext.Request.Headers
httpContext.Request.Body
}
}
你可以用SampleMiddleware.InvokeAsyncMicrosoft.AspNetCore.Builder.UseMiddlewareExtensions
public class Startup
{
public void Configure(IApplicationBuilder app)
{
app.UseMiddleware<SampleMiddleware>();
}
}
评论
0赞
1/6/2020
请记住,将取决于所使用的 .NET Framework 版本和编程方法(经典 ASP.NET、MVC、Razor Pages)。我不会做任何太花哨的东西,在这里,只要坚持基本原则。此外,跨多个函数的使用不依赖于异步执行;只需拥有一个可访问的类就足够了。在某些情况下,您甚至可以摆脱静态类函数。不过,请使用 SQL 参数。async
0赞
MBB
1/6/2020
#2
实现该要求的一种方法是使用 Soap 扩展 -
我正在获取以下站点的代码,并尝试相应地解释相同的代码 -
https://expertsys.hu/2017/10/11/renaming-asmx-webmethod-parameter-preserving-compatibility/
- 创建 Soap Extension 类。
- 整个处理发生在 processmessage 调用中。如果您看到 beforeSerialize 调用的“updateMessage”方法,此方法将解析并提取带有输入节点“inp1”的 XML,并根据您的要求将值替换为拆分运算符。如果需要,您可以进一步更改!
- “ParameterValueChangedSoapExtensionAttribute”类,该类将帮助指定 Soap Extention 类。
- 所有其他方法都是实现要求的帮助程序类。
public class ParameterValueChangedSoapExtension : SoapExtension
{
private Stream streamChainedAfterUs = null;
private Stream streamChainedBeforeUs = null;
private const int STREAMBUFFERSIZE = 65535;
private ParameterValueChangedSoapExtensionAttribute ParameterValueChangedSoapExtensionAttribute = null;
public override Stream ChainStream(Stream stream)
{
if (stream == null)
{
throw new ArgumentNullException("stream");
}
Stream ret = null;
this.streamChainedBeforeUs = stream;
this.streamChainedAfterUs = new MemoryStream();
ret = this.streamChainedAfterUs;
return ret;
}
public override object GetInitializer(Type serviceType)
{
throw new NotSupportedException();
}
public override object GetInitializer(LogicalMethodInfo methodInfo, SoapExtensionAttribute attribute)
{
if (attribute == null)
{
throw new ArgumentNullException("attribute");
}
object ret = attribute;
return ret;
}
public override void Initialize(object initializer)
{
if (initializer == null)
{
throw new ArgumentNullException("initializer");
}
ParameterValueChangedSoapExtensionAttribute = initializer as ParameterValueChangedSoapExtensionAttribute;
if (ParameterValueChangedSoapExtensionAttribute == null)
{
throw new InvalidOperationException(String.Format("initializer must be of type {0}, but its a {1}!", typeof(ParameterValueChangedSoapExtensionAttribute), initializer.GetType()));
}
}
public override void ProcessMessage(SoapMessage message)
{
if (message == null)
{
throw new ArgumentNullException("message");
}
switch(message.Stage)
{
case SoapMessageStage.BeforeSerialize:
break;
case SoapMessageStage.AfterSerialize:
streamChainedAfterUs.Position = 0;
Copy(streamChainedAfterUs, streamChainedBeforeUs);
break;
case SoapMessageStage.BeforeDeserialize:
UpdateMessage(message);
streamChainedAfterUs.Position = 0;
break;
case SoapMessageStage.AfterDeserialize:
break;
default:
throw new NotImplementedException(message.Stage.ToString());
}
}
private void UpdateMessage(SoapMessage message)
{
var soapMsgAsString = ReadOriginalSoapMessage();
var soapMsgRootNode = XElement.Parse(soapMsgAsString);
var callDescriptorNode = FindCallDescriptorNode(soapMsgRootNode, message.MethodInfo.Name);
var ns = callDescriptorNode.Name.Namespace;
var originalNameWeLookFor = ns + ParameterValueChangedSoapExtensionAttribute.OriginalParameterName;
var nodeWithOriginalName = callDescriptorNode.Elements().FirstOrDefault(i => i.Name == originalNameWeLookFor);
if (nodeWithOriginalName != null)
{
//Here implement according to your need!
nodeWithOriginalName.Value = nodeWithOriginalName.split(' ')[0];
var nodeWithCurrentName = new XElement(ns + ParameterValueChangedSoapExtensionAttribute.CurrentParameterName, nodeWithOriginalName.Value);
nodeWithOriginalName.AddAfterSelf(nodeWithCurrentName);
nodeWithOriginalName.Remove();
}
WriteResultSoapMessage(soapMsgRootNode.ToString());
}
private XElement FindCallDescriptorNode(XElement soapMsgRootNode, string methodName)
{
XElement ret = null;
var soapBodyName = soapMsgRootNode.Name.Namespace + "Body";
var soapBodyNode = soapMsgRootNode.Elements().First(i => i.Name == soapBodyName);
ret = soapBodyNode.Elements().First(i => i.Name.LocalName == methodName);
return ret;
}
private void WriteResultSoapMessage(string msg)
{
streamChainedAfterUs.Position = 0;
using (var sw = new StreamWriter(streamChainedAfterUs, Encoding.UTF8, STREAMBUFFERSIZE, true))
{
sw.Write(msg);
}
}
private string ReadOriginalSoapMessage()
{
string ret = null;
using (var sr = new StreamReader(streamChainedBeforeUs, Encoding.UTF8, false, STREAMBUFFERSIZE, true))
{
ret = sr.ReadToEnd();
}
return ret;
}
private void Copy(Stream from, Stream to)
{
using (var sr = new StreamReader(from, Encoding.UTF8, false, STREAMBUFFERSIZE, true))
{
using (var sw = new StreamWriter(to, Encoding.UTF8, STREAMBUFFERSIZE, true))
{
var content = sr.ReadToEnd();
sw.Write(content);
}
}
}
}
[AttributeUsage(AttributeTargets.Method, AllowMultiple=true)]
public class ParameterValueChangedSoapExtensionAttribute : SoapExtensionAttribute
{
public override Type ExtensionType
{
get { return typeof(ParameterNameChangedSoapExtension); }
}
public override int Priority { get; set; }
public string CurrentParameterName { get; private set; }
public string OriginalParameterName { get; private set; }
public ParameterValueChangedSoapExtensionAttribute()
{
this.CurrentParameterName = "inp1";
this.OriginalParameterName = "inp1";
}
}
请通过以下链接获取有关SOAP扩展的更多信息 -
评论
asmx