Of Stack

The URL filter implementation code in ASP.NET

  • 2020-05-24 05:20:40
  • OfStack

Here is the definition of the class. 


using System;
 using System.Web;
 using System.Web.SessionState;

 namespace QTJZ
 {
     public class Filters : IHttpModule, IRequiresSessionState
     {
         public void Dispose() { }

         public void Init(HttpApplication application)
         {
             application.AcquireRequestState += new EventHandler(application_AcquireRequestState);
         }

         public void application_AcquireRequestState(object sender, EventArgs e)
         {
             HttpApplication application = sender as HttpApplication;
             HttpRequest request = application.Request;
             HttpResponse response = application.Response;

             string url=request.CurrentExecutionFilePath.Trim('/');
             string suffix = request.CurrentExecutionFilePathExtension.Trim('.');

             if (!url.Equals("Default.htm") && (suffix == "aspx" || suffix == "htm"))
             {
                 object sessionObj = application.Context.Session == null ? null : application.Session["useID"];
                 if (sessionObj==null)
                 {
                     response.Redirect("~/Default.htm");
                 }
             }
         }
     }
 }

To achieve the filtering effect, the Filters class needs to implement the IHttpMoeld interface, which requires two methods, one for Dispose and one for Init. The parameter of Init is an instance of type HttpApplication with which to register some events. Since you are now filtering URL, the AcquireRequestState event is registered. Similar incidents are listed below
BeginRequest The first event in the pipeline chain executes as HTTP when ASP.NET responds to a request. AuthenticateRequest Occurs when the security module has established the user identity. AuthorizeRequest Occurs when the security module has authenticated user authorization. ResolveRequestCache

Occurs after ASP.NET completes the authorization event for the cache module to service the request from the cache,

Thus bypassing the execution of an event handler, such as a page or XML Web services.

AcquireRequestState Occurs when ASP.NET gets the current state (such as session state) associated with the current request. PreRequestHandlerExecute Happens just before ASP.NET starts executing an event handler (for example, a page or an XML Web services). PostRequestHandlerExecute Occurs when the ASP.NET event handler (for example, a page or an XML Web service) completes execution. ReleaseRequestState Occurs after ASP.NET has executed all request event handlers. This event causes the state module to save the current state data. UpdateRequestCache Occurs when ASP.NET executes the event handler so that the cache module stores the response that will be used to service subsequent requests from the cache. EndRequest The last event in the pipeline chain is executed as HTTP when ASP.NET responds to a request.
Get the url to jump can use request's CurrentExecutionFilePath attribute, and get the request file suffix can use CurrentExecutionFilePathExtension, as to what rules to judge, according to the requirements. I am here to determine whether Session exists at the time of request. If it does not, it will jump back to the login page. Since Session is used, an exception is thrown when the page is opened with the message "session state is not available in this context." , no exceptions are thrown after the IRequiresSessionState interface is implemented.

Also required in the configuration file Web.config < system.web > Add the following code under the node 
 
<httpModules> 
<add name="filters" type="QTJZ.Filters"/> 
</httpModules>

Where the type property is the fully qualified name of the Filters class above

Related articles: