asp.net site anti malicious refresh Cookies and Session solution
- 2021-01-11 01:57:26
- OfStack
This article describes the example of asp.net website anti-malicious refresh Cookies and Session solution, WEB program design is very practical skills. Share with you for your reference. The specific implementation method is as follows:
Session version implementation method:
public double time;
public const int freetime = 1;// Brush-proof freezing time interval , The current for 1 seconds
#region Anti-malicious refresh
if (Session.SessionID == null)
{
Response.End();
}
else if (Session["sionid"] == null)
{
Session["sionid"] = Session.SessionID;
}
if (Session["last"] == null)
{
Session["last"] = DateTime.Now;
}
else
{
DateTime thisTime = DateTime.Now;
DateTime lastTime = DateTime.Parse(Session["last"].ToString());
if (Session.SessionID == Session["sionid"].ToString())
Session["last"] = thisTime;
TimeSpan ts = thisTime - lastTime;
time = ts.TotalMilliseconds;
if (time < freetime * 500)
{
warm_prompt();
}
}
#endregion
public void warm_prompt()
{
Response.Write("<table width='778' border='0' align='center' cellpadding='3' cellspacing='2' bgcolor='#009900' style='font-size: 14px; '>");
Response.Write(" <tr bgcolor='#FFFFFF'>");
Response.Write(" <td><img src='/newimages/logos.gif'></td>");
Response.Write(" <td bgcolor='#EEFFEE' To ensure the security of your access , Would you please " + freetime + " Seconds later <a href='" + Request.RawUrl + "' target='_self' style='color:#FF0000;'> Click here to refresh </a> This page </td>");
Response.Write(" </tr>");
Response.Write("</table>");
Response.End();
}
Cookies version implementation method:
public double time;
public const int freetime = 2;
#region Anti-malicious refresh
string page;
if (Request.Cookies["page"] == null)
{
page = "";
}
else
{
page = HttpContext.Current.Request.Cookies["page"].Value.ToString(); // To obtain cookie Stored in the url value
}
string strThisPage = HttpContext.Current.Request.Url.PathAndQuery.ToString();// Gets the current page address
DateTime LastTime = DateTime.Now;
if (page.Equals(strThisPage))// if cookie Is equal to the current page, indicating a refresh operation
{
TimeSpan ts = LastTime - DateTime.Parse(HttpContext.Current.Request.Cookies["time"].Value.ToString());
time = ts.Seconds;
if (time < freetime)
{
warm_prompt();
}
}
else
{
// Perform operations
Response.Cookies["page"].Value = strThisPage;
Response.Cookies["time"].Value = LastTime.ToString();
}
#endregion
public void warm_prompt()
{
Response.Write("<table width='778' border='0' align='center' cellpadding='3' cellspacing='2' bgcolor='#009900' style='font-size: 14px; '>");
Response.Write(" <tr bgcolor='#FFFFFF'>");
Response.Write(" <td><img src='/newimages/logos.gif'></td>");
Response.Write(" <td bgcolor='#EEFFEE' To ensure the security of your access , The page will be 2 After seconds will automatically jump to the content you want to visit! </td>");
Response.Write(" </tr>");
Response.Write("</table>");
Response.Write("<meta http-equiv=\"refresh\" content=\"2\";URL=" + HttpContext.Current.Request.Cookies["page"].Value.ToString() + ">");
Response.End();
}
I believe that this article described to everyone asp.net program design has a definite reference value.