IE浏览器只 - 从客户端检测到有潜在危险的Request.Form值(MVC-剃刀)剃刀、检测到、客户端、浏览器
我做一个简单的替换与2文本框和2下拉列表中输入文件的语句。
平台是MVC 3,剃刀页面上。
问题是,该错误仅引发IE,并且只有当在服务器上发布出去。运行从本地主机上的IE浏览器的网站不引发错误。
我真的很好奇,为什么这仅仅是一个IE浏览器的问题(它工作正常,在Chrome和Firefox)
下面是从页面的code:
< DIV CLASS =形与GT;
@using(Html.BeginForm(AddZip code,DatabaseHelper))
{
<! - < DIV CLASS =输入>
@ Html.LabelFor(M => m.Environment):
@ Html.DropDownListFor(M => m.Environment,CustomHtmlHelper.GetEnvironmentSelectList(环境,Model.Environment),---)
< / DIV> - >
< DIV CLASS =输入>
@ Html.LabelFor(M => m.Zip):
@ Html.EditorFor(M => m.Zip)
< / DIV>
< DIV CLASS =输入>
@ Html.LabelFor(M => m.County):
@ Html.EditorFor(M => m.County)
< / DIV>
< DIV CLASS =输入>
@ Html.LabelFor(M => m.Zone):
@ Html.DropDownListFor(米=> m.Zone,CustomHtmlHelper.GetZoneSelectList(),---)
< / DIV>
< DIV CLASS =输入>
@ Html.LabelFor(M => m.Market):
@ Html.DropDownListFor(米=> m.Market,CustomHtmlHelper.GetMarketSelectList(),---)
< / DIV>
< DIV CLASS =按钮>
<! - <按钮类型=提交值=提交级=按钮刷新NAME =提交>
提交< /按钮> - >
<按钮类型=提交值=GetAddScript级=按钮刷新NAME =GetAddScript>
获取添加脚本
< /按钮>
<按钮类型=提交值=GetRollbackScript级=按钮刷新NAME =GetRollbackScript>
获取回滚脚本
< /按钮>
< / DIV>
}
< / DIV>
更新: 感谢您的提琴手尖@Danny Tuppeny。下面是IE和Chrome浏览器后:
这是Chrome浏览器POST:
Zip=77054&County=&Zone=Electric+Zone+for+CENTERPOINT&Market=CENTERPOINT&GetAddScript=GetAddScript这是IE浏览器POST:
邮编= 77054&放大器;县=安培;区=和电子市场=安培; GetAddScript =<跨度类=UI按钮图标,主界面图标UI的icon-刷新>< / SPAN><跨度类= UI按钮文本>获取添加脚本< / SPAN>
@Charlino,其他职位有此修复程序。由于两者。
解决方案使用提琴手你应该能够检查表单的内容被张贴在两个浏览器的服务器,并进行比较。
这听起来像IE浏览器可能会被发送HTML回来,是不是连接codeD,但很难说,为什么没有看到请求(或实际上,从您发布的视图生成的HTML)。
I'm doing a simple replace statement on a file with input from 2 textboxes and 2 drop down lists.
Platform is MVC 3, on a Razor page.
Problem is that the error is only thrown on IE, and only when published out on the server. Running the site from localhost on IE throws no errors.
I'm really curious as to why this is just an IE problem (It works fine in Chrome and Firefox)
Here's the code from the page:
<div class="form">
@using (Html.BeginForm("AddZipCode", "DatabaseHelper"))
{
<!-- <div class="input">
@Html.LabelFor(m => m.Environment):
@Html.DropDownListFor(m => m.Environment, CustomHtmlHelper.GetEnvironmentSelectList(Environment, Model.Environment), "---")
</div>-->
<div class="input">
@Html.LabelFor(m => m.Zip):
@Html.EditorFor(m => m.Zip)
</div>
<div class="input">
@Html.LabelFor(m => m.County):
@Html.EditorFor(m => m.County)
</div>
<div class="input">
@Html.LabelFor(m => m.Zone):
@Html.DropDownListFor(m => m.Zone, CustomHtmlHelper.GetZoneSelectList(), "---")
</div>
<div class="input">
@Html.LabelFor(m => m.Market):
@Html.DropDownListFor(m => m.Market, CustomHtmlHelper.GetMarketSelectList(), "---")
</div>
<div class="buttons">
<!--<button type="submit" value="Submit" class="button refresh" name="Submit">
Submit</button>-->
<button type="submit" value="GetAddScript" class="button refresh" name="GetAddScript">
Get Add Script
</button>
<button type="submit" value="GetRollbackScript" class="button refresh" name="GetRollbackScript">
Get Rollback Script
</button>
</div>
}
</div>
UPDATE: Thanks for the Fiddler tip @Danny Tuppeny. Here's the post from both IE and Chrome:
POST from Chrome:
Zip=77054&County=&Zone=Electric+Zone+for+CENTERPOINT&Market=CENTERPOINT&GetAddScript=GetAddScript
POST from IE:
Zip=77054&County=&Zone=&Market=&GetAddScript=<SPAN class="ui-button-icon-primary ui-icon ui-icon-refresh"></SPAN><SPAN class=ui-button-text>Get Add Script</SPAN>
@Charlino, that other post has the fix. Thanks both.
解决方案Using Fiddler you should be able to check the contents of the form being posted to the server in both browsers, and compare them.
It sounds like IE might be sending HTML back that isn't encoded, but it's hard to tell why without seeing the request (or indeed, the HTML generated from the View you posted).
