1. Zuhause
  2. Frage und Antwort
  3. Wie können wir HTML-Tags in ein Signal senden?

Wie können wir HTML-Tags in ein Signal senden?

2016-10-04 2 views
3

Ich muss Nachrichten an Kunden senden, die onesignal von meinem Webdienst verwenden, der auf vb.net basiert. Diese Nachrichten werden zwischen HTML-Tags wie gesendet: <html><body>message<a href="...">link</a>text, aber wenn ich versuche, es durch ein Signal zu senden, bekam ich diese Fehlermeldung:Wie können wir HTML-Tags in ein Signal senden?

System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (pushMessage=&quot;message&lt;a&gt;link&lt;/a&gt;text&quot;). 
    at System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) 
    at System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection) 
    at System.Web.HttpRequest.get_Form() 
    at System.Web.Services.Protocols.HtmlFormParameterReader.Read(HttpRequest request) 
    at System.Web.Services.Protocols.HttpServerProtocol.ReadParameters() 
    at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()

Kann jemand eine Lösung vorschlagen HTML-Daten durch onesignal zu schicken?

Quelle

2016-10-04 H.Al

Antwort

1

Dieser Fehler scheint auf der Serverseite und nicht von OneSignal zu passieren.

Hier Leitfaden für Microsoft zu dieser Fehlermeldung: https://msdn.microsoft.com/en-us/library/system.web.httprequestvalidationexception(v=vs.110).aspx

Der Abschnitt Bemerkung in dem obigen Link erklärt, wie dieses Problem zu beheben, zu zitieren:

Constraining and validating user input is essential in a Web application to prevent hacker attacks that rely on malicious input strings. Cross-site scripting attacks are one example of such hacks. Other types of malicious or undesired data can be passed in a request through various forms of input. By limiting the kinds of data that is passed at a low level in an application, you can prevent undesirable events, even when programmers who are using your code do not put the proper validation techniques in place.

Request validation detects potentially malicious client input and throws this exception to abort processing of the request. A request abort can indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. It is strongly recommended that your application explicitly check all input regarding request aborts. However, you can disable request validation by setting the validateRequest attribute in the directive to false, as shown in the following example: <%@ Page validateRequest="false" %> To disable request validation for your application, you must modify or create a Web.config file for your application and set the validateRequest attribute of the pages section to false, as shown in the following example:

<configuration> 
    <system.web> 
    <pages validateRequest="false" />  
    </system.web> 
</configuration>

To disable request validation for all applications on your server, you can make this modification to the Machine.config file.

Quelle

2016-10-05 01:04:05 Gdeglin

Verwandte Themen

 Verwandte Themen