//#region IsSafeUrl /// <summary> /// 不允许在本地提交数据 /// </summary> /// <remarks>返回是否是安全URL</remarks> /// <param name="doMain">域名</param> public static bool IsSafeUrl(string doMain) { string url = Request2.GetReferrer().ToLower().Trim().Replace("http://", "").Replace("https://", "").Split('/')[0]; doMain = doMain.ToLower().Trim(); if (url.IndexOf(doMain) > -1) { return(true); } return(false); }
/// <summary> /// ProcessRequest /// </summary> /// <param name="context"></param> public void ProcessRequest(HttpContext context) { string url = context.Request.FilePath; string refUrl = Request2.GetReferrer().ToLower(); string host = "http://" + Request2.GetHost().ToLower(); if (string.IsNullOrEmpty(url) || string.IsNullOrEmpty(refUrl) || refUrl.IndexOf(host) != 0 || url.IndexOf(host) != 0) { context.Response.ContentType = "image/JPEG"; context.Response.WriteFile("/no.jpg"); } }