Of Stack

asp.net site anti malicious refresh Cookies and Session solution

  • 2021-01-11 01:57:26
  • OfStack

This article describes the example of asp.net website anti-malicious refresh Cookies and Session solution, WEB program design is very practical skills. Share with you for your reference. The specific implementation method is as follows:

Session version implementation method: 


public double time;
public const int freetime = 1;// Brush-proof freezing time interval , The current for 1 seconds 

#region  Anti-malicious refresh 
if (Session.SessionID == null)
{
  Response.End();
}
else if (Session["sionid"] == null)
{
  Session["sionid"] = Session.SessionID;
}
if (Session["last"] == null)
{
  Session["last"] = DateTime.Now;
}
else
{
  DateTime thisTime = DateTime.Now;
  DateTime lastTime = DateTime.Parse(Session["last"].ToString());

  if (Session.SessionID == Session["sionid"].ToString())
 Session["last"] = thisTime;
  TimeSpan ts = thisTime - lastTime;

  time = ts.TotalMilliseconds;
  if (time < freetime * 500)
  {
 warm_prompt();
  }
}
#endregion

public void warm_prompt()
{
    Response.Write("<table width='778' border='0' align='center' cellpadding='3' cellspacing='2' bgcolor='#009900' style='font-size: 14px; '>");
    Response.Write(" <tr bgcolor='#FFFFFF'>");
    Response.Write("  <td><img src='/newimages/logos.gif'></td>");
    Response.Write("  <td bgcolor='#EEFFEE' To ensure the security of your access , Would you please  " + freetime + "  Seconds later <a href='" + Request.RawUrl + "' target='_self' style='color:#FF0000;'> Click here to refresh </a> This page </td>");
    Response.Write(" </tr>");
    Response.Write("</table>");
    Response.End();
}

Cookies version implementation method: 


public double time;
public const int freetime = 2;

#region  Anti-malicious refresh 
string page;
if (Request.Cookies["page"] == null)
{
  page = "";
}
else
{
  page = HttpContext.Current.Request.Cookies["page"].Value.ToString(); // To obtain cookie Stored in the url value  
}

string strThisPage = HttpContext.Current.Request.Url.PathAndQuery.ToString();// Gets the current page address  
DateTime LastTime = DateTime.Now;
if (page.Equals(strThisPage))// if cookie Is equal to the current page, indicating a refresh operation  
{
  TimeSpan ts = LastTime - DateTime.Parse(HttpContext.Current.Request.Cookies["time"].Value.ToString());

  time = ts.Seconds;
  if (time < freetime)
  {
 warm_prompt();
  }
}
else
{
  // Perform operations  
  Response.Cookies["page"].Value = strThisPage;
  Response.Cookies["time"].Value = LastTime.ToString();
}
#endregion

public void warm_prompt()
{
    Response.Write("<table width='778' border='0' align='center' cellpadding='3' cellspacing='2' bgcolor='#009900' style='font-size: 14px; '>");
    Response.Write(" <tr bgcolor='#FFFFFF'>");
    Response.Write("  <td><img src='/newimages/logos.gif'></td>");
    Response.Write("  <td bgcolor='#EEFFEE' To ensure the security of your access , The page will be 2 After seconds will automatically jump to the content you want to visit! </td>");
    Response.Write(" </tr>");
    Response.Write("</table>");
    Response.Write("<meta http-equiv=\"refresh\" content=\"2\";URL=" + HttpContext.Current.Request.Cookies["page"].Value.ToString() + ">");
    Response.End();
}

I believe that this article described to everyone asp.net program design has a definite reference value.

Related articles: