在将表单发送到后端之前,如何将密码字符串转换为 Base64 字符串?

【问题标题】:How can I convert password string to Base64 string before sending form to backend?在将表单发送到后端之前,如何将密码字符串转换为 Base64 字符串?
【发布时间】:2016-08-31 18:33:49
【问题描述】:

我有一个示例注册表单,它在大多数情况下都能正常工作,但是当我尝试使用密码“U8$G#CBj”注册新用户时,我遇到了一个异常“潜在危险的请求.Form 值从客户端检测到" 我的想法是在将密码发送到后端之前将其转换为 Base64 格式,然后在后端将其转换回来。我该怎么做?

@using (Html.BeginForm("Login", "Account", new { ReturnUrl = ViewBag.ReturnUrl }, FormMethod.Post, new { @class = "form-horizontal", role = "form" }))
     {
        @Html.AntiForgeryToken()
        <h4>Use a local account to log in.</h4>
        <hr />
        @Html.ValidationSummary(true, "", new { @class = "text-danger" })
        <div class="form-group">
           @Html.LabelFor(m => m.Email, new { @class = "col-md-2 control-label" })
           <div class="col-md-10">
              @Html.TextBoxFor(m => m.Email, new { @class = "form-control" })
              @Html.ValidationMessageFor(m => m.Email, "", new { @class = "text-danger" })
           </div>
        </div>
        <div class="form-group">
           @Html.LabelFor(m => m.Password, new { @class = "col-md-2 control-label" })
           <div class="col-md-10">
              @Html.PasswordFor(m => m.Password, new { @class = "form-control" })
              @Html.ValidationMessageFor(m => m.Password, "", new { @class = "text-danger" })
           </div>
        </div>
        <div class="form-group">
           <div class="col-md-offset-2 col-md-10">
              <div class="checkbox">
                 @Html.CheckBoxFor(m => m.RememberMe)
                 @Html.LabelFor(m => m.RememberMe)
              </div>
           </div>
        </div>
        <div class="form-group">
           <div class="col-md-offset-2 col-md-10">
              <input type="submit" value="Log in" class="btn btn-default" />
           </div>
        </div>
        <p>
           @Html.ActionLink("Register as a new user", "Register")
        </p>
        @* Enable this once you have account confirmation enabled for password reset functionality *@
        <p>
           @Html.ActionLink("Forgot your password?", "ForgotPassword")
        </p>
     }

【问题讨论】:

标签: c# asp.net asp.net-mvc-4 razor


【解决方案1】:

在前端部分的Alexei Levenkov 和后端的Vidhyadhar Galande 的帮助下,我解决了我的问题,代码如下: 在 View to form 我已经在提交事件中添加了这个 javascript 函数

function encode(){
        $('#Password').val(btoa($('#Password').val()));
        $('#ConfirmPassword').val(btoa($('#ConfirmPassword').val()));
    }

并在后端解码字符串:

private string DecodeFromBase64(string inputBas64)
{
    var base64EncodedBytesPassword = System.Convert.FromBase64String(model.Password);
    string password = System.Text.Encoding.UTF8.GetString(base64EncodedBytesPassword);
    return password;
}

【讨论】:

    【解决方案2】:

    试试这个

    1) base64(编码/解码)

     public static string base64Encode(string sData) // Encode
 {
   try
    {
       byte[] encData_byte = new byte[sData.Length];
       encData_byte = System.Text.Encoding.UTF8.GetBytes(sData);
       string encodedData = Convert.ToBase64String(encData_byte);
       return encodedData;
    }
   catch (Exception ex)
   {
       throw new Exception("Error in base64Encode" + ex.Message);
   }
 }

public static string base64Decode(string sData) //Decode
 {
    try
    {
      var encoder = new System.Text.UTF8Encoding();
      System.Text.Decoder utf8Decode = encoder.GetDecoder();
      byte[] todecodeByte = Convert.FromBase64String(sData);
      int charCount = utf8Decode.GetCharCount(todecodeByte, 0, todecodeByte.Length);
      [] decodedChar = new char[charCount];
      utf8Decode.GetChars(todecodeByte, 0, todecodeByte.Length, decodedChar, 0);
      string result = new String(decodedChar);
      return result;
   }
  catch (Exception ex)
   {
      throw new Exception("Error in base64Decode" + ex.Message);
    }
}

    2) 编码密码Md5

     public static string EncodePassword(string pass, string salt) //encrypt password
   {
      byte[] bytes = Encoding.Unicode.GetBytes(pass);
      byte[] src = Encoding.Unicode.GetBytes(salt);
      byte[] dst = new byte[src.Length + bytes.Length];
      System.Buffer.BlockCopy(src, 0, dst, 0, src.Length);
      System.Buffer.BlockCopy(bytes, 0, dst, src.Length, bytes.Length);
      HashAlgorithm algorithm = HashAlgorithm.Create("SHA1");
      byte[] inArray = algorithm.ComputeHash(dst);
      //return Convert.ToBase64String(inArray);
      return EncodePasswordMd5(Convert.ToBase64String(inArray));
   }
  public static string EncodePasswordMd5(string pass) //Encrypt using MD5
   {
      Byte[] originalBytes;
      Byte[] encodedBytes;
      MD5 md5;
      //Instantiate MD5CryptoServiceProvider, get bytes for original password and compute hash (encoded password)
      md5 = new MD5CryptoServiceProvider();
      originalBytes = ASCIIEncoding.Default.GetBytes(pass);
      encodedBytes = md5.ComputeHash(originalBytes);
      //Convert encoded bytes back to a 'readable' string
      return BitConverter.ToString(encodedBytes);
  }

    @使用命名空间

      using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;
using System.Web;

    【讨论】:

    • 在后端这很有用,但我需要在前端站点上转换字符串
    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2021-12-12
    • 1970-01-01
    • 1970-01-01
    • 2016-10-21
    • 1970-01-01
    • 2015-12-20
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode