1
我想通过jQuery加载部分视图并将其加载到页面中。部分视图中有一个<img>。MVC JQuery加载部分图像潜在危险请求
这里是PartialView:
@model NBAPicks.Models.PickedTeamLogoViewModel
@ViewHelpers.GetTeamLogoForPick(Model.TeamAbbr, Model.GameID, Model.UserName)
这里是助手代码:
public static MvcHtmlString GetTeamLogoForPick(string abbr, int gameID, string userName)
{
var imagePath = ImageUrl("Team Logos", abbr + ".gif");
var html = "<img src=\"" + imagePath + "\" id=\"" + gameID.ToString() + "_" + userName + "\" class=\"pick-logo\" />";
return new MvcHtmlString(html);
}
凡imageURL表示:
private static string ImageUrl(string subFolder, string fileName)
{
return VirtualPathUtility.ToAbsolute(ImagesDir + "\\" + subFolder + "\\" + fileName);
}
这里是控制器的方法:
[Authorize]
public JsonResult GetPickedTeamLogo(string teamAbbr, int gameID, string userName)
{
var viewModel = new PickedTeamLogoViewModel()
{
TeamAbbr = teamAbbr,
GameID = gameID,
UserName = userName
};
return Json(_partialStringRenderer.RenderRazorViewToString(this, "_PickedTeamLogo", viewModel), JsonRequestBehavior.AllowGet);
}
这里是我加载它在jQuery的:现在
setTimeout(function() {
var ajaxRequest = $.ajax({
type: "GET",
url: '@Html.Raw(Url.Content("~/Admin/GetPickedTeamLogo/?teamAbbr="))' + teamAbbr + '&gameID=' + gameID + '&userName=' + userName,
cache: false,
data: { teamAbbr: teamAbbr, gameID: gameID, userName: userName },
async: false,
dataType: 'json',
error: function() {
console.log('failure');
alert('AJAX fail - this is a bug, report it!');
},
success: function (result) {
console.log('AJAX call returned successfully');
console.log('result: ' + result);
$("#" + userName + "_logo").load(result); // HERE!!!
}
});
}, 0);
,通过控制台输出返回的HTML看起来很好,正确的:
<img src="/Content/Team Logos/MIA.gif" id="1238_tim" class="pick-logo" />
但控制台报告这个错误,我尝试并加载HTML:
GET http://localhost:53441/%3Cimg 400 (Bad Request)
我可以从这里向下钻取到这个错误:
A potentially dangerous Request.Path value was detected from the client (<).
为什么会发生此错误,以及如何解决它?
啊,同样的结果很遗憾。 – Hanshan
将过滤器添加到GetPickedTeamLogo操作后,它是否严格输出相同的错误? –
是一样的。 – Hanshan