搜尋 request 結果:
HttpWebRequest vs HttpClient httpClient
Post File
Token
Cookie
檔案不落地
以下的程式碼不能縮寫:
var oldFilename = content.Headers.ContentDisposition.FileName.Trim('\"');
var contentStream = await content.ReadAsStreamAsync();
return await PostFile(url, inputName, contentStream, oldFilename,
authorizationToken, IsAddIpHeaders);
}
Post File
Token
Cookie
檔案不落地
以下的程式碼不能縮寫:
var oldFilename = content.Headers.ContentDisposition.FileName.Trim('\"');
var contentStream = await content.ReadAsStreamAsync();
return await PostFile(url, inputName, contentStream, oldFilename,
authorizationToken, IsAddIpHeaders);
}
Bike, 2021/12/31 下午 02:50:10
加構獨立的 API Server 時, 要使用 Cookie 認証必需有以下條件:
1. Web Server 和 API Server 有相同的父網域.
2. Cookie 的網域指定到相同的父網域.
3. 在 API 的 Application 中允許 CORS Request, 需要修改 Startup.cs
3.1 在 ConfigureServices 中要加入 AddCors, 而且要記得 AllowCredentials()
3.2 在 Configure 中, 要加入 app.UseCors("Cors(PolicyName"), 記得要在 UseAuthorization() 之前.
4. 在 Client 端要加上 withCredentials: true
1. Web Server 和 API Server 有相同的父網域.
2. Cookie 的網域指定到相同的父網域.
3. 在 API 的 Application 中允許 CORS Request, 需要修改 Startup.cs
3.1 在 ConfigureServices 中要加入 AddCors, 而且要記得 AllowCredentials()
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddPolicy(name: "Cors(PolicyName",
builder =>
{
builder.WithOrigins("https://web1.yourdomain.com",
"https://web2.yourdomain.com")
.AllowCredentials();
});
});
services.AddControllers()
.AddNewtonsoftJson(opt =>
opt.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver());
3.2 在 Configure 中, 要加入 app.UseCors("Cors(PolicyName"), 記得要在 UseAuthorization() 之前.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseExceptionMiddleware();
app.UseHttpsRedirection();
app.UseHttpsRedirection();
app.UseRouting();
app.UseCors(MyAllowSpecificOrigins);
app.UseAuthorization();
4. 在 Client 端要加上 withCredentials: true
$.ajax({
url: apiRoot + "apiurl",
type: 'GET',
dataType: 'json', // 預期從server接收的資料型態
success: function (res) {
console.log("success: ");
console.log(res);
},
xhrFields: {
withCredentials: true
},
error: function (XMLHttpRequest, textStatus, errorThrown) {
alert("發生錯誤");
}
});Bike, 2021/10/24 下午 05:17:54
httpRuntime 加 maxRequestLength 沒作用, 請到 system.webServer 設定 maxAllowedContentLength
<system.webServer>
...
<security>
<requestFiltering>
<!--1073741824 ==> 1GB-->
<requestLimits maxAllowedContentLength="1073741824" />
</requestFiltering>
</security>
...
</system.webServer>
Reiko, 2021/3/25 下午 02:36:36
試說明以下程式碼的功用, 以及可改進的部份.
--
基本題:
1. 對 Linq 熟嗎.
2. 對 ASP.Net 的 Cache 熟悉嗎.
3. 用過什麼 ORM, 試說明優缺點.
4. 試說明 MVC 的架構.
資安相關問題:
1. 試說明 SQL Injection
2. 試說明 Cross Site Injection.
3. 上傳檔案要注意的事項.
4. 試說明 cookie 的安全設定 ? same site, secure, http only.
前端相關加分題:
1. jQuery 或 Vue 熟悉嗎 ?
2. 試說明 RWD
3. 試說明 bootstrap
進階問題:
1. 試說明 Reflection
2. 試說明 Dependency Injection
3. 試說明 singleton vs static
4. 試單有兩個欄位 Id, Status (付款待確認: 1.1; 已付款: 2, 訂單已出貨: 3; 訂單取消中: 5; )
狀態 1.1 和 狀態 2 的訂單可取消,取消後改為狀態 5
客人要取消訂單,訂單編號為 123, 試說明程式執行的過程。
string EndDate = Request["EndDate"];
DataTable qtyControls = U2.SQL.DTFromSQL("Select YA00, PD00 from QtyControl Where EndDate > '" + EndDate + "' and SoldQty >= InitQty");
var values = qtyControls.AsEnumerable().Select(r => "('" + r.Field<string>("YA00") + "','" + r.Field<string>("PD00") + "')").ToList();
var sqls = new List<string>();
sqls.Add("Delete StopSaleYAP;");
int start = 0;
while(start < values.Count)
{
var end = start + 999;
if(end > values.Count - 1)
{
end = values.Count;
}
sqls.Add("insert into StopSaleYAP(YA00, PD00) Values" + string.Join(",", values.GetRange(start, end)) + ";");
start = end + 1;
}
U2.SQL.ExecuteSQL(string.Join("\r\n", sqls));
public static bool IsErrorOrder(Order.Input.CheckValidOrder dto)
{
if (dto.OrderNos == null || dto.OrderNos.Count == 0)
{
return false;
}
var orderCount = dto.OrderNos.Count();
var orders = NpreoOrderMain.GetList(dto.OrderNos);
if (orders.Count != orderCount || !dto.OrderNos.Any(x => orders.Select(o => o.Order_No).Contains(x)))
{
return true;
}
return false;
}
var fu = Request.Files[0];
fu.SaveAs(Server.MapPath("UploadFiles/") + fu.FileName);
--
基本題:
1. 對 Linq 熟嗎.
2. 對 ASP.Net 的 Cache 熟悉嗎.
3. 用過什麼 ORM, 試說明優缺點.
4. 試說明 MVC 的架構.
資安相關問題:
1. 試說明 SQL Injection
2. 試說明 Cross Site Injection.
3. 上傳檔案要注意的事項.
4. 試說明 cookie 的安全設定 ? same site, secure, http only.
前端相關加分題:
1. jQuery 或 Vue 熟悉嗎 ?
2. 試說明 RWD
3. 試說明 bootstrap
進階問題:
1. 試說明 Reflection
2. 試說明 Dependency Injection
3. 試說明 singleton vs static
4. 試單有兩個欄位 Id, Status (付款待確認: 1.1; 已付款: 2, 訂單已出貨: 3; 訂單取消中: 5; )
狀態 1.1 和 狀態 2 的訂單可取消,取消後改為狀態 5
客人要取消訂單,訂單編號為 123, 試說明程式執行的過程。
Bike, 2020/10/24 上午 10:24:51
FtpWebRequest類別沒有提供移動檔案的命令,但是可以透過WebRequestMethods.Ftp.Rename達成相同效果的功能。
FtpWebRequest ftp_Request = null/* TODO Change to default(_) if this is not a reference type */;
FtpWebResponse ftp_Response = null/* TODO Change to default(_) if this is not a reference type */;
string str_FtpAct = "XXX";
string str_FtpPwd = "XXX";
// Try to create backup folder. If folder already created, resume to backup.
try
{
ftp_Request = (FtpWebRequest)WebRequest.Create("D:/testfolder/backup");
ftp_Request.Credentials = new NetworkCredential(str_FtpAct, str_FtpPwd);
ftp_Request.Method = WebRequestMethods.Ftp.MakeDirectory;
ftp_Response = ftp_Request.GetResponse();
}
catch (WebException ex_Web)
{
FtpWebResponse ftp_ResponseEx = ex_Web.Response;
int int_ErrCode = ftp_ResponseEx.StatusCode;
// 550: Access is denied, means directory already exist
if (int_ErrCode != 550)
Console.WriteLine("Create Folder Failed!");
}
try
{
ftp_Request = (FtpWebRequest)WebRequest.Create("D:/testfolder/test.txt");
ftp_Request.Credentials = new NetworkCredential(str_FtpAct, str_FtpPwd);
ftp_Request.Method = WebRequestMethods.Ftp.Rename;
ftp_Request.RenameTo = "../testfolder/backup/test.txt";
ftp_Response = (FtpWebResponse)ftp_Request.GetResponse();
}
catch (WebException webex)
{
// Get FTP Error code and exception status
FtpWebResponse ftp_ResponseEx = webex.Response;
int int_FtpCode = ftp_ResponseEx.StatusCode;
// Do something
}
finally
{
if (ftp_Response != null)
ftp_Response.Close();
}
FtpWebRequest ftp_Request = null/* TODO Change to default(_) if this is not a reference type */;
FtpWebResponse ftp_Response = null/* TODO Change to default(_) if this is not a reference type */;
string str_FtpAct = "XXX";
string str_FtpPwd = "XXX";
// Try to create backup folder. If folder already created, resume to backup.
try
{
ftp_Request = (FtpWebRequest)WebRequest.Create("D:/testfolder/backup");
ftp_Request.Credentials = new NetworkCredential(str_FtpAct, str_FtpPwd);
ftp_Request.Method = WebRequestMethods.Ftp.MakeDirectory;
ftp_Response = ftp_Request.GetResponse();
}
catch (WebException ex_Web)
{
FtpWebResponse ftp_ResponseEx = ex_Web.Response;
int int_ErrCode = ftp_ResponseEx.StatusCode;
// 550: Access is denied, means directory already exist
if (int_ErrCode != 550)
Console.WriteLine("Create Folder Failed!");
}
try
{
ftp_Request = (FtpWebRequest)WebRequest.Create("D:/testfolder/test.txt");
ftp_Request.Credentials = new NetworkCredential(str_FtpAct, str_FtpPwd);
ftp_Request.Method = WebRequestMethods.Ftp.Rename;
ftp_Request.RenameTo = "../testfolder/backup/test.txt";
ftp_Response = (FtpWebResponse)ftp_Request.GetResponse();
}
catch (WebException webex)
{
// Get FTP Error code and exception status
FtpWebResponse ftp_ResponseEx = webex.Response;
int int_FtpCode = ftp_ResponseEx.StatusCode;
// Do something
}
finally
{
if (ftp_Response != null)
ftp_Response.Close();
}
高級水冷氣, 2020/8/4 下午 04:02:46
ASP.Net MVC 如果只輸出字串的話, 可用的事件有: 目前前台規劃配合 Template, 在各事件中做以下的工作
BaseController Constructor
TestController Construtor
Base BeginExecute: 記錄 requestContext, 提供 GetRouteValue 使用.
Child BeginExecute:
Base Initialize:
Child Initialize: 可以在這裡設定 master Page 的檔名
Child BeginExecuteCore
Base BeginExecuteCore: this.otMaster = new UW.Template(MasterPage); 在這個之後才能使用 otMaster
Child CreateActionInvoker: InitTemplate("Index.html"); 在這裡執行主要程式
Child OnAuthentication,
Base OnAuthentication
Child OnAuthorization
Base OnAuthorization
Child OnActionExecuting
Base OnActionExecuting 最後整理 Template.
Child Index(): return this.FinalHTML;
BaseController Constructor
TestController Construtor
Base BeginExecute: 記錄 requestContext, 提供 GetRouteValue 使用.
Child BeginExecute:
Base Initialize:
Child Initialize: 可以在這裡設定 master Page 的檔名
Child BeginExecuteCore
Base BeginExecuteCore: this.otMaster = new UW.Template(MasterPage); 在這個之後才能使用 otMaster
Child CreateActionInvoker: InitTemplate("Index.html"); 在這裡執行主要程式
Child OnAuthentication,
Base OnAuthentication
Child OnAuthorization
Base OnAuthorization
Child OnActionExecuting
Base OnActionExecuting 最後整理 Template.
Child Index(): return this.FinalHTML;
Bike, 2020/7/21 上午 10:58:12
在 Global.asax 中, 定義了 Application_PreSendRequestContent 的話, 會影響到 Application_Error 的輸出, 即始 Application_PreSendRequestContent 是空的: 感覺像是 Application_Error 失效
若是沒有 Application_PreSendRequestContent 的情況下. 結果如下圖:
若是沒有 Application_PreSendRequestContent 的情況下. 結果如下圖:
Bike, 2019/8/16 下午 05:05:45
IIS 7.0 之後
用 HttpContext.Current.Request.UserHostAddress 抓的IP會是
類似 fe80::b148:cddc:81cd:fd10%2
這樣的IPv6 位址
如果要抓 IPv4 要特別改寫
參考
https://dotblogs.com.tw/hunterpo/2011/03/21/21991
HttpContext.Current.Request.UserHostAddress
暫時的替代方法
public static string GetClientIPv4() { string ipv4 = String.Empty; foreach (IPAddress ip in Dns.GetHostAddresses(GetClientIP())) { if (ip.AddressFamily.ToString() == "InterNetwork") { ipv4 = ip.ToString(); break; } } if (ipv4 != String.Empty) { return ipv4; } // 原作使用 Dns.GetHostName 方法取回的是 Server 端資訊,非 Client 端。 // 改寫為利用 Dns.GetHostEntry 方法,由獲取的 IPv6 位址反查 DNS 紀錄, // 再逐一判斷何者屬 IPv4 協定,即可轉為 IPv4 位址。 foreach (IPAddress ip in Dns.GetHostEntry(GetClientIP()).AddressList) //foreach (IPAddress ip in Dns.GetHostAddresses(Dns.GetHostName())) { if (ip.AddressFamily.ToString() == "InterNetwork") { ipv4 = ip.ToString(); break; } } return ipv4; } /// <summary> /// 取得客戶端主機位址 /// </summary> public static string GetClientIP() { if (null == HttpContext.Current.Request.ServerVariables["HTTP_VIA"]) { return HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"]; } else { return HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"]; } }
用 HttpContext.Current.Request.UserHostAddress 抓的IP會是
類似 fe80::b148:cddc:81cd:fd10%2
這樣的IPv6 位址
如果要抓 IPv4 要特別改寫
參考
https://dotblogs.com.tw/hunterpo/2011/03/21/21991
HttpContext.Current.Request.UserHostAddress
暫時的替代方法
public static string GetClientIPv4() { string ipv4 = String.Empty; foreach (IPAddress ip in Dns.GetHostAddresses(GetClientIP())) { if (ip.AddressFamily.ToString() == "InterNetwork") { ipv4 = ip.ToString(); break; } } if (ipv4 != String.Empty) { return ipv4; } // 原作使用 Dns.GetHostName 方法取回的是 Server 端資訊,非 Client 端。 // 改寫為利用 Dns.GetHostEntry 方法,由獲取的 IPv6 位址反查 DNS 紀錄, // 再逐一判斷何者屬 IPv4 協定,即可轉為 IPv4 位址。 foreach (IPAddress ip in Dns.GetHostEntry(GetClientIP()).AddressList) //foreach (IPAddress ip in Dns.GetHostAddresses(Dns.GetHostName())) { if (ip.AddressFamily.ToString() == "InterNetwork") { ipv4 = ip.ToString(); break; } } return ipv4; } /// <summary> /// 取得客戶端主機位址 /// </summary> public static string GetClientIP() { if (null == HttpContext.Current.Request.ServerVariables["HTTP_VIA"]) { return HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"]; } else { return HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"]; } }
sean, 2019/6/27 下午 06:47:31
https://www.techrepublic.com/article/working-with-the-aspnet-globalasax-file/
Application_BeginRequest
Application_AuthenticateRequest
Application_AuthorizeRequest
Application_ResolveRequestCache
Application_AcquireRequestState
Application_PreRequestHandlerExecute
Application_PreSendRequestHeaders
Application_PreSendRequestContent
<<code is executed>>
Application_PostRequestHandlerExecute
Application_ReleaseRequestState
Application_UpdateRequestCache
Application_EndRequest
Application_BeginRequest
Application_AuthenticateRequest
Application_AuthorizeRequest
Application_ResolveRequestCache
Application_AcquireRequestState
Application_PreRequestHandlerExecute
Application_PreSendRequestHeaders
Application_PreSendRequestContent
<<code is executed>>
Application_PostRequestHandlerExecute
Application_ReleaseRequestState
Application_UpdateRequestCache
Application_EndRequest
Bike, 2018/3/27 下午 07:00:56
LINE Pay款流程:
reserve Page(紅科) 發送 reserve API => 取得 payment URL => 轉址到 payment URL => LINE Pay 檢查USER狀態 => 轉回confirm page(紅科), 發送 confirm API => DOWN.
付款需要程式:
reserve API, confirm API:
send request JSON and read return JSON:
C#:
.vb
工具網站:
JSON 轉物件 http://json2csharp.com/
C# to VB : http://converter.telerik.com/
#專案: 紅科
reserve Page(紅科) 發送 reserve API => 取得 payment URL => 轉址到 payment URL => LINE Pay 檢查USER狀態 => 轉回confirm page(紅科), 發送 confirm API => DOWN.
付款需要程式:
reserve API, confirm API:
send request JSON and read return JSON:
C#:
using System.Net;
using System.IO;
public partial class TEST : System.Web.UI.Page
{
DB.OrderMain oOrderObj = null;
protected void Page_Load(object sender, EventArgs e)
{
//Setting request header
HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create("__APIRootURL__");
httpWebRequest.ContentType = "application/json; charset=UTF-8";
httpWebRequest.Method = "POST";
httpWebRequest.Headers.Add("X-LINE-ChannelId", DB.SysConfig.LINEPay.ChannelId);
httpWebRequest.Headers.Add("X-LINE-ChannelSecret", DB.SysConfig.LINEPay.SecretKey);
//加入參數
using (var streamWriter = new StreamWriter(httpWebRequest.GetRequestStream()))
{
string requestJSON = "{\"productName\": \"" + DB.SysConfig.SYSTEM_NAME + "\"," +
"\"productImageUrl\": \"" + DB.SysConfig.URL_Shopping + "images/Logo.jpg\"," +
"\"amount\": " + oOrderObj.TotalAmount() + "," +
"\"currency\": \"TWD\"," +
"\"orderId\": \"" + oOrderObj.DisplayOrderId + "\"," +
"\"confirmUrl\": \"" + DB.SysConfig.URL_Shopping + "Handler/LinePay/GotoComfirm.aspx?Id=" + oOrderObj.Id + "\"," +
"\"cancelUrl\": \"" + DB.SysConfig.URL_Shopping + "Shopping/OrderComplete.aspx?Id=" + oOrderObj.Id + "\"," +
"\"capture\": \"true\"," +
"\"confirmUrlType\": \"CLIENT\"}";
streamWriter.Write(requestJSON);
streamWriter.Flush();
streamWriter.Close();
}
//取得回覆資訊
var httpResponse = (HttpWebResponse)httpWebRequest.GetResponse();
//解讀回覆資訊
using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
{
var responseJSON = streamReader.ReadToEnd();
//將 JSON 轉為物件
GN.LinePay.reserveRes.ReturnJSON oReturnObj = (GN.LinePay.reserveRes.ReturnJSON)Newtonsoft.Json.JsonConvert.DeserializeObject(responseJSON, typeof(GN.LinePay.reserveRes.ReturnJSON));
if (oReturnObj.returnCode == "0000")
{
//成功
}
else
{
//失敗
string ErrMsg = "Error Code: " + oReturnObj.returnCode + "\r\n" + oReturnObj.returnMessage;
}
}
}
}
.vb
Imports System.Net
Imports System.IO
Partial Class TEST
Inherits System.Web.UI.Page
Dim oOrderObj As DB.OrderMain
Private Sub Admin_TEST_Load(sender As Object, e As EventArgs) Handles Me.Load
'Setting request header
Dim httpWebRequest As HttpWebRequest = WebRequest.Create("__APIRootURL__")
httpWebRequest.ContentType = "application/json; charset=UTF-8"
httpWebRequest.Method = "POST"
httpWebRequest.Headers.Add("X-LINE-ChannelId", DB.SysConfig.LINEPay.ChannelId)
httpWebRequest.Headers.Add("X-LINE-ChannelSecret", DB.SysConfig.LINEPay.SecretKey)
'加入參數
Using streamWriter As New StreamWriter(httpWebRequest.GetRequestStream())
Dim requestJSON As String = "{""productName"": """ + DB.SysConfig.SYSTEM_NAME + """," +
"""productImageUrl"": """ + DB.SysConfig.URL_Shopping + "images/Logo.jpg""," +
"""amount"": " + oOrderObj.TotalAmount() + "," +
"""currency"": ""TWD""," +
"""orderId"": """ + oOrderObj.DisplayOrderId + """," +
"""confirmUrl"": """ + DB.SysConfig.URL_Shopping + "Handler/LinePay/GotoComfirm.aspx?Id=" + oOrderObj.Id + """," +
"""cancelUrl"": """ + DB.SysConfig.URL_Shopping + "Shopping/OrderComplete.aspx?Id=" + oOrderObj.Id + """," +
"""capture"": ""true""," +
"""confirmUrlType"": ""CLIENT""}"
streamWriter.Write(requestJSON)
streamWriter.Flush()
streamWriter.Close()
End Using
'取得回覆資訊
Dim httpResponse As HttpWebResponse = httpWebRequest.GetResponse
'解讀回覆資訊
Using streamReader As New StreamReader(httpResponse.GetResponseStream())
Dim responseJSON As String = streamReader.ReadToEnd()
'將 JSON 轉為物件
Dim oReturnObj As GN.LinePay.reserveRes.ReturnJSON = Newtonsoft.Json.JsonConvert.DeserializeObject(responseJSON, GetType(GN.LinePay.reserveRes.ReturnJSON))
Dim ResMsg As String = ""
If oReturnObj.returnCode = "0000" Then
'成功
Else
'失敗
End If
End Using
End Sub
End Class
工具網站:
JSON 轉物件 http://json2csharp.com/
C# to VB : http://converter.telerik.com/
#專案: 紅科
Reiko, 2017/6/21 下午 07:22:58