I am writing a web app that has to deal with urls containing hash character ("#").
I am using MVC 1 with ASP.NET 3.5 (VS 2008).
My urls are like this one:
www.mysite.com/token/?name1=value1&#&name2=value2
My issue is that I cannot find a method to get the original URL, but only get the substring before the hash character:
www.mysite.com/token/?name1=value1&
I used the MVC methods provided from the class HttpRequestBase.
Anyone can suggest me an alternate method to get the entire url?
Thank you, this is my very first question!
PS: I think maybe I have to encode my hash character, isn'it?
You cannot access anything after the # from the server-side - this is all Client-side. You will need to find another way to pass the information you want through to the server.
If you are posting, you can do this with hidden fields. If you are using ajax posts, you can pass the data within the model.
Related
When I allow a user to enter text using s:textfield, he can enter something like <b>Name</b> or something like \Me/. I want that these should be escaped before I am saving them to the database. When we retrieve them, the escaping is done automatically, but I want it to happen also when we are saving it.
I was trying to return a json output from my action class, but due to a name \a/ stored in my database, wrong json was being formed. This would have been avoided if the name had been escaped before being saved into the database.
You can use StringEscapeUtils. You can call escapeJavascript(textfield) in your action and then store it into the database.
#Daud, The problem you explained is called Cross site scripting or XSS.
And I think you should use Filters to clean the request parameters. This is the most sophisticated way. You can call these filters for the actions which are posting some parameters via request.
Visit my blog to see how to avoid XSS threat using Filter approach.
I also faced this issue when our project was tested by well known firm specializing in security testing and they suggested this filter approach.
You can give it a try.
I have a controller and I current have it using redirect going to another controller, I know I can pass data around using the :query...
Is there any way I can do this without the use of http as I'm finding it impossible to send a hash using http.
I cant find this information any where, what is the most common way of sharing data (slash sending) data from one controller to another?
please help been working on this for hours, btw am new to RoR
If you are redirecting the browser, you will have to use the query option as redirect actually tells the browser to make another request to a different path.
If you just want to render the other controllers action you could call:
render :template=>"path to view you want to render"
As for actually calling the other action? You could distill (refactor) the logic into a lib and call the same logic from both controllers, then use the same view for both..
I found my answer, I may have not been specific enough with the question. But you can pass a hash using the query string; which obviously (now that I think of it) converts it to a string duh. so I just use eval in the receiving hash,
eval(#params['inputData'] which gives me the hash.
I'm considering using the hash method to create static urls to content that is managed by ajax calls in a Asp.Net MVC. The proof of concept i'm working on is a profile page /user/profile where one can browse and edit different sections. You could always ask for the following url /user/profile#password to access directly to you profile page, in the change password section
However, i'm wondering if i'm not starting this the bad way, since apparently i can't access the part after the hash in any way, except by declaring a route value for the hash in global.asax. So i'm wondering if this is the right way to access this part of the url?
Am i supposed to declare a route value, or is there another way to work with hash values (a framework, javascript or mvc)?
Edited to add:
In pure javascript, i have no problem using the window.location.hash property, i'm not sure though how standard it is in today's browsers, hence the question about a javascript framework/plugin that would use it.
The thing is that the part that follows the hash (#) is never sent to the server into the HTTP request so the server has absolutely no way of reading it. So no need to waste time in searching for something that doesn't exist.
You could on the other hand tune your routes to generate links that contain the hash part so that client scripts can read it.
Send the hash value document.location.hash as a parameter to the controller action of your choice.
This can be done in the code if needed...
RedirectResult(Url.Action("profile") + "#password");
should work fine
I'd like to be able to change the extension of a url and recieve the model in a different format.
e.g. if
/products/list
returns a html page containing a list of products, then
/products/list.json
would return them in a json list.
Note: I like the simplicity of the ASP.NET MVC REST SDK, it only requires about 5 lines of code to hook it in, but the format is specified as a query string parameter i.e. /products/list?format=json which is not what I want, I could tweak this code if there are no other options, but I don't want to reinvent the wheel!
I wrote a blog post that shows one possible example. It's a tiny bit complicated, but might work for your needs.
http://haacked.com/archive/2009/01/06/handling-formats-based-on-url-extension.aspx
You should be able to just use routes in conjunction with the rest sdk
If you have the flexibility to drop Apache or something similar in front of your service, you can always use mod_rewrite to rewrite an external http://products/list.json into http://products/list?format=json which your framework can render more easily.
Instead of "list.json", you could choose "list/json" and use a route like
{controller}/{action}/{id}
Then ProductController.List would be called, with an ID parameter of "json". The .List() action then would decide whether or not to return an HTML view or JSON content.
I have a problem with filtering in asp.net mvc.
I have a page with listed collection and the filter.
Filter has values for filtering collection, it is: category, status and the containing string. The problem is in internationalisation-application can be on more than one language, so the containing string can be special character, for example: ΓΌ
My route is List/{category}/{status}/{containingString}
should I use get method for sending also the containingString or should I use post method.
I am using little trick now, my form is posting to another action method of same controller, this controller get category and status from url and containingString from Request.Form and then redirect to List action method, containingString I am putting in TempData...as you see it is a some kind of dirty hack and I don't like it myself...
Anyone for a better solution to this problem?
Thanks
p.s. stackoverflow rocks!
You could strip the diacritics in the Router?