/// <summary>
/// Creates the login controller and stores each injected dependency in its backing field.
/// </summary>
/// <param name="xss">Input sanitizer kept in <c>_xss</c>.</param>
/// <param name="logServices">Log service kept in <c>_logServices</c>.</param>
/// <param name="httpContext">HTTP context accessor kept in <c>_httpContext</c>.</param>
/// <param name="configuration">Application configuration kept in <c>_configuration</c>.</param>
/// <param name="sys_User">User service kept in <c>_userServices</c>.</param>
/// <param name="mediator">Mediator kept in <c>_mediator</c>.</param>
public LoginController(
    Xss xss,
    ISys_logServices logServices,
    IHttpContextAccessor httpContext,
    IConfiguration configuration,
    ISys_userServices sys_User,
    IMediator mediator)
{
    // Assignments follow the parameter order; none of them depends on another.
    _xss = xss;
    _logServices = logServices;
    _httpContext = httpContext;
    _configuration = configuration;
    _userServices = sys_User;
    _mediator = mediator;
}
/// <summary>
/// Creates the inventory-move controller and stores each injected dependency in its backing field.
/// </summary>
/// <param name="inventorymoveServices">Inventory-move service kept in <c>_inventorymoveServices</c>.</param>
/// <param name="invmovedetailServices">Inventory-move detail service kept in <c>_invmovedetailServices</c>.</param>
/// <param name="serialnumServices">Serial-number service kept in <c>_serialnumServices</c>.</param>
/// <param name="xss">Input sanitizer kept in <c>_xss</c>.</param>
/// <param name="client">SqlSugar client kept in <c>_client</c>.</param>
/// <param name="materialServices">Material service kept in <c>_materialServices</c>.</param>
/// <param name="inventoryServices">Inventory service kept in <c>_inventoryServices</c>.</param>
public InventoryMoveController(
    IWms_inventorymoveServices inventorymoveServices,
    IWms_invmovedetailServices invmovedetailServices,
    ISys_serialnumServices serialnumServices,
    Xss xss,
    SqlSugarClient client,
    IWms_materialServices materialServices,
    IWms_inventoryServices inventoryServices)
{
    // Assignments follow the parameter order; none of them depends on another.
    _inventorymoveServices = inventorymoveServices;
    _invmovedetailServices = invmovedetailServices;
    _serialnumServices = serialnumServices;
    _xss = xss;
    _client = client;
    _materialServices = materialServices;
    _inventoryServices = inventoryServices;
}
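/// <summary>
/// Sanitizes the bound action arguments with the request's <c>Xss</c> service before the action runs.
/// </summary>
/// <remarks>
/// String arguments are replaced by the result of <c>Xss.Filter</c>; non-null arguments of any other
/// class type are handed to <c>ModelFieldFilter</c>. Value-type arguments are left untouched.
/// Only model-bound arguments are covered: anything an action reads directly from the request
/// (query string, headers, form, raw body) does not pass through this filter, so output encoding
/// where the data is rendered is still needed.
/// </remarks>
/// <param name="context">The executing context whose <c>ActionArguments</c> are sanitized in place.</param>
/// <exception cref="InvalidOperationException">
/// No <c>Xss</c> service can be resolved from the request services.
/// </exception>
public override void OnActionExecuting(ActionExecutingContext context)
{
    // Fail closed: without a sanitizer the action must not run on unfiltered input.
    // (Previously a missing registration surfaced as a NullReferenceException on the first string
    // argument, or not at all when the action had no string arguments.)
    var sanitizer = context.HttpContext.RequestServices.GetService(typeof(Xss)) as Xss;
    if (sanitizer == null)
    {
        throw new InvalidOperationException("Xss service is not registered; cannot sanitize action arguments.");
    }

    // ModelFieldFilter receives no sanitizer argument, so it presumably reads this field; keep it assigned.
    // NOTE(review): if this filter instance is shared across requests, this write is unsynchronized. Confirm.
    _xss = sanitizer;

    foreach (var p in context.ActionDescriptor.Parameters)
    {
        // A declared parameter that was not bound has no entry in ActionArguments; the indexer
        // would throw KeyNotFoundException, so look it up safely and skip missing or null values.
        if (!context.ActionArguments.TryGetValue(p.Name, out var value) || value == null)
        {
            continue;
        }

        if (p.ParameterType == typeof(string))
        {
            // When the parameter is a string: replace it with the filtered text.
            context.ActionArguments[p.Name] = sanitizer.Filter(value.ToString());
        }
        else if (p.ParameterType.IsClass)
        {
            // When the parameter is a class: delegate to the model-level filter.
            ModelFieldFilter(p.Name, p.ParameterType, value);
        }
    }

    base.OnActionExecuting(context);
}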
/// <summary>
/// Returns the shared <c>Xss</c> instance, creating it on first use.
/// </summary>
/// <remarks>
/// The lazy initialization takes no lock, so concurrent first calls may each construct an
/// instance, and the last write to <c>_xss</c> wins.
/// </remarks>
/// <returns>The instance held in <c>_xss</c>, or a newly created one that is stored there.</returns>
public static Xss GetXss()
{
    // Read the field once, exactly as the original null-coalescing expression did.
    var instance = _xss;
    if (instance is null)
    {
        instance = new Xss();
        _xss = instance;
    }

    return instance;
}