Geek Answers Handbook

How to intercept and pre-process QueryStrings in Asp.Net

We send registration URLs to customers by email. Some of the email clients turn URLs into

url <url>

I think this can happen when users forward the email to themselves, and at that moment the email client will reformat the original email address (maybe)

eg.

https://my.app.com/login.aspx?param=var

becomes

https://my.app.com/login.aspx?param=var%20%3Chttps://my.app.com/login.aspx?param=var%3E

What correctly produces a System.Web.HttpRequestValidationException: a potentially dangerous Request.QueryString value was detected

Where in the code should I intercept these instances and sanitize the URL so that the user is redirected to the original form of the URL?

global.asax? Page_Init? HttpHandler? ?

+5
1

Global Application_BeginRequest HttpModule.

Global

using System;
using System.Web;

namespace MassageIncomingRequestUrl
{
    public class Global : HttpApplication
    {
        protected void Application_BeginRequest(object sender, EventArgs e)
        {
            var app = (HttpApplication) sender;
            string path = app.Context.Request.Url.PathAndQuery;
            int pos = path.IndexOf("%20%3C");
            if (pos > -1)
            {
                path = path.Substring(0, pos);
                app.Context.RewritePath(path);
            }
        }
    }
}


using System;
using System.Web;

namespace MassageIncomingRequestUrl
{
    public class UrlMungeModule : IHttpModule
    {
        #region IHttpModule Members

        public void Init(HttpApplication context)
        {
            context.BeginRequest += BeginRequest;
        }

        public void Dispose()
        {
            //nop
        }

        #endregion

        private static void BeginRequest(object sender, EventArgs e)
        {
            var app = (HttpApplication)sender;
            string path = app.Context.Request.Url.PathAndQuery;
            int pos = path.IndexOf("%20%3C");
            if (pos>-1)
            {
                path = path.Substring(0,pos);
                app.Context.RewritePath(path);
            }

        }
    }
}

, , , . URL-, .

+2

More articles:


All Articles