I have done like this.
我这样做了。
public ActionResult GetInfo(SomeModel entity)
{
----
return RedirectToAction("NewAction", "NewController", new System.Web.Routing.RouteValueDictionary(entity));
}
Action which was called
被称为的行动
public ActionResult NewAction(SomeModel smodel)
{
-------
-------
}
This is working fine but I can see all posted param values on browser address bar, how can I hide these querystring param values in browser.
这工作正常,但我可以在浏览器地址栏上看到所有发布的参数值,如何在浏览器中隐藏这些查询字符串参数值。
http://localhost:51545/NewController/NewAction?SurveyID=13&CatID=1&PrimaryLang=1&SurveryName=Test%20Survery&EnableMultiLang=False&IsActive=False
Any Help will be appreciated.
任何帮助将不胜感激。
2 个解决方案
#1
10
In your case instead of using RouteValueDictionary and passing model from querystring try TempData(because when we use RedirectToAction it will make a new http request and object routes will be shown in url so its not a good approach to display sensitive data in url).
在你的情况下,而不是使用RouteValueDictionary并从querystring传递模型尝试TempData(因为当我们使用RedirectToAction时,它将生成一个新的http请求,并且对象路由将显示在url中,因此它不是在url中显示敏感数据的好方法)。
Use TempData as shown :-
使用TempData如图所示: -
public ActionResult GetInfo(SomeModel entity)
{
----
TempData["entity"] = entity; //put it inside TempData here
return RedirectToAction("NewAction", "NewController");
}
public ActionResult NewAction()
{
SomeModel smodel = new SomeModel();
if(TempData["entity"] != null){
smodel = (SomeModel)TempData["entity"]; //retrieve TempData values here
}
-------
-------
}
The benefit of using TempData here is that it will retain its value for one redirect and moreover model will be privately transported to another controller action and once you read data from TempData its data will be disposed automatically and if you want to retain TempData value after reading it then use TempData.keep("entity").
这里使用TempData的好处是它将保留一个重定向的值,而且模型将被私有传输到另一个控制器动作,一旦你从TempData读取数据,它的数据将自动处理,如果你想在读取后保留TempData值然后使用TempData.keep(“entity”)。
OR
If your Views are in a same Controller then this a simple solution for your problem :
如果您的视图位于同一个Controller中,那么这是一个解决您问题的简单方法:
public ActionResult GetInfo(SomeModel entity)
{
----
return NewAction(entity);
}
public ActionResult NewAction(SomeModel smodel)
{
-------
-------
return View("NewAction",smodel)
}
As Correctly Commented by @Chips_100 so i m including it here :- The first solution will do a real redirect (302) which will update the URL in the users browser. The second solution will give the desired result while keeping the original URL in the address bar.
正如@ Chips_100正确评论所以我在这里包含它: - 第一个解决方案将进行真正的重定向(302),它将更新用户浏览器中的URL。第二个解决方案将提供所需的结果,同时将原始URL保留在地址栏中。
#2
0
As it follows from your question, the hidden parameter is scoped to user session.
从您的问题可以看出,隐藏参数的作用域是用户会话。
So you can store it into Session property of the controller:
所以你可以将它存储到控制器的Session属性中:
public ActionResult GetInfo(SomeModel entity)
{
Session["SomeKey"] = "SomeValue";
return RedirectToAction("NewAction", "NewController");
}
After that you can retrieve it (another controller also works here):
之后你可以检索它(另一个控制器也可以在这里工作):
public ActionResult NewAction(SomeModel smodel)
{
var parameter = Session["SomeKey"] as string;
// Remove the parameter from session storage
Session.Remove("SomeKey");
// Do the stuff using provided parameter value
}
#1
10
In your case instead of using RouteValueDictionary and passing model from querystring try TempData(because when we use RedirectToAction it will make a new http request and object routes will be shown in url so its not a good approach to display sensitive data in url).
在你的情况下,而不是使用RouteValueDictionary并从querystring传递模型尝试TempData(因为当我们使用RedirectToAction时,它将生成一个新的http请求,并且对象路由将显示在url中,因此它不是在url中显示敏感数据的好方法)。
Use TempData as shown :-
使用TempData如图所示: -
public ActionResult GetInfo(SomeModel entity)
{
----
TempData["entity"] = entity; //put it inside TempData here
return RedirectToAction("NewAction", "NewController");
}
public ActionResult NewAction()
{
SomeModel smodel = new SomeModel();
if(TempData["entity"] != null){
smodel = (SomeModel)TempData["entity"]; //retrieve TempData values here
}
-------
-------
}
The benefit of using TempData here is that it will retain its value for one redirect and moreover model will be privately transported to another controller action and once you read data from TempData its data will be disposed automatically and if you want to retain TempData value after reading it then use TempData.keep("entity").
这里使用TempData的好处是它将保留一个重定向的值,而且模型将被私有传输到另一个控制器动作,一旦你从TempData读取数据,它的数据将自动处理,如果你想在读取后保留TempData值然后使用TempData.keep(“entity”)。
OR
If your Views are in a same Controller then this a simple solution for your problem :
如果您的视图位于同一个Controller中,那么这是一个解决您问题的简单方法:
public ActionResult GetInfo(SomeModel entity)
{
----
return NewAction(entity);
}
public ActionResult NewAction(SomeModel smodel)
{
-------
-------
return View("NewAction",smodel)
}
As Correctly Commented by @Chips_100 so i m including it here :- The first solution will do a real redirect (302) which will update the URL in the users browser. The second solution will give the desired result while keeping the original URL in the address bar.
正如@ Chips_100正确评论所以我在这里包含它: - 第一个解决方案将进行真正的重定向(302),它将更新用户浏览器中的URL。第二个解决方案将提供所需的结果,同时将原始URL保留在地址栏中。
#2
0
As it follows from your question, the hidden parameter is scoped to user session.
从您的问题可以看出,隐藏参数的作用域是用户会话。
So you can store it into Session property of the controller:
所以你可以将它存储到控制器的Session属性中:
public ActionResult GetInfo(SomeModel entity)
{
Session["SomeKey"] = "SomeValue";
return RedirectToAction("NewAction", "NewController");
}
After that you can retrieve it (another controller also works here):
之后你可以检索它(另一个控制器也可以在这里工作):
public ActionResult NewAction(SomeModel smodel)
{
var parameter = Session["SomeKey"] as string;
// Remove the parameter from session storage
Session.Remove("SomeKey");
// Do the stuff using provided parameter value
}