HttpRequest.Filter 属性


下面的代码示例创建两个新类,即,筛选 InputStreamQQQ1QQQ2。将这些类放入 ASP.NET 应用程序目录中的 Global.asax 文件中,以便筛选应用程序中所有 ASP.NET 网页中的全部输入。

<%@ Page language="c#" %>
<%@ Import namespace="System.Text" %>
<%@ Import namespace="System.IO" %> <script runat="server">

// This code is to be added to a Global.asax file.

public void Application_BeginRequest() { Request.Filter = new QQQ1(Request.Filter);
   Request.Filter = new QQQ2(Request.Filter);

class QQQ1 : Stream
    private Stream _sink;

    public QQQ1(Stream sink)
        _sink = sink;

    public override bool CanRead
        get { return true; }

    public override bool CanSeek
        get { return false; }

    public override bool CanWrite
        get { return false; }

    public override long Length
        get { return _sink.Length; }

    public override long Position
        get { return _sink.Position; }
        set { throw new NotSupportedException(); }

    public override int Read(byte[] buffer, int offset, int count)
int c = _sink.Read(buffer, offset, count);

        for (int i = 0; i < count; i++)
            if (buffer[offset+i] >= 'a' && buffer[offset+i] <= 'z')
                buffer[offset+i] -= ('a'-'A');

        return c;

    public override long Seek(long offset, System.IO.SeekOrigin direction)
        throw new NotSupportedException();

    public override void SetLength(long length)
        throw new NotSupportedException();

    public override void Close()

    public override void Flush()

    public override void Write(byte[] buffer, int offset, int count)
throw new NotSupportedException();

class QQQ2 : Stream
    private Stream _sink;

    public QQQ2(Stream sink)
        _sink = sink;

    public override bool CanRead
        get { return true; }

    public override bool CanSeek
        get { return false; }

    public override bool CanWrite
        get { return false; }

    public override long Length
        get { return _sink.Length; }

    public override long Position
        get { return _sink.Position; }
        set { throw new NotSupportedException(); }

    public override int Read(byte[] buffer, int offset, int count)
int c = _sink.Read(buffer, offset, count);

        for (int i = 0; i < count; i++)
            if (buffer[i] == 'E')
                buffer[i] = (byte)'*';
            else if (buffer[i] == 'e')
                buffer[i] = (byte)'#';
        return c;

    public override long Seek(long offset, System.IO.SeekOrigin direction)
        throw new NotSupportedException();

    public override void SetLength(long length)
        throw new NotSupportedException();

    public override void Close()

    public override void Flush()

    public override void Write(byte[] buffer, int offset, int count)
throw new NotSupportedException();


This ASP.NET page uses the request filter to modify all text sent by the
browser in Request.InputStream. To test the filter, use this page to take
the POSTed output from a data entry page using a tag such as:
<form method="POST" action="ThisTestPage.aspx">

<%@ IMPORT namespace="System.IO" %>

<Script runat=server>
   void Page_Load()

      // Create a Stream object to capture entire InputStream from browser.
      Stream str = Request.InputStream;

      // Find number of bytes in stream.
      int strLen = (int)str.Length;

      // Create a byte array to hold stream.
      byte[] bArr = new byte[strLen];

      // Read stream into byte array.

      // Convert byte array to a text string.
      String strmContents="";
      for(int i = 0; i < strLen; i++)
         strmContents = strmContents + (Char)bArr[i];

      // Display filtered stream in browser.
      Response.Write("Contents of Filtered InputStream: <br>" + strmContents);

