码迷,mamicode.com
首页 > 其他好文 > 详细

从客户端(ExportContent="...ontinuous <br />Pass Count":13...")中检测到有潜在危险的 Request.Form 值。

时间:2017-07-26 21:51:18      阅读:153      评论:0      收藏:0      [点我收藏+]

标签:als   frame   des   解决办法   传递   double   append   export   put   

mvc中,用chrome浏览器导出excel提示如题错误的解决办法。

 

<system.web>

 <httpRuntime requestValidationMode="2.0"  targetFramework="4.5" />

<pages validateRequest="false" >

[ValidateInput(false)]
public ActionResult GridToExcel()
{
if (Request["ExportContent"] != "")
{
string listname = Request["listname"];
string sheetname = Request["sheetname"];
string tmpContent = Request["ExportContent"];//获取传递上来的文件内容
DataTable dt = Utility.ToDataTable(tmpContent);////rptSource.Tables[0];
//ExcelHelper.DataTable3Excel(dt, RptName);
Workbook b = FileExportExcel.OutFileToDisk(dt, listname, sheetname);
string filename = listname + "_" + DateTime.Now.ToString("yyyyMMddHHiiss");
return File(b.SaveToStream().ToArray(), "application/octet-stream", filename + ".xls");
}
else
{
return null;
}
//test();
//return null;
}

 

  

  public static DataTable ToDataTable(string json)
        {
            DataTable dataTable = new DataTable();  //实例化
            DataTable result;
            try
            {
                JavaScriptSerializer javaScriptSerializer = new JavaScriptSerializer();
                javaScriptSerializer.MaxJsonLength = Int32.MaxValue; //取得最大数值
                ArrayList arrayList = javaScriptSerializer.Deserialize<ArrayList>(json);
                if (arrayList.Count > 0)
                {
                    foreach (Dictionary<string, object> dictionary in arrayList)
                    {
                        if (dictionary.Keys.Count<string>() == 0)
                        {
                            result = dataTable;
                            return result;
                        }
                        if (dataTable.Columns.Count == 0)
                        {
                            string s = "";
                            Type aa = s.GetType();
                            double f = 0.001d;
                            Type bb = f.GetType();
                            int i = 1;
                            Type cc = i.GetType();
                            foreach (string current in dictionary.Keys)
                            {
                                if (object.Equals(dictionary[current], null))
                                    dataTable.Columns.Add(current, aa);
                                else
                                    dataTable.Columns.Add(current, dictionary[current].GetType() == cc ? bb : dictionary[current].GetType());
                            }
                        }
                        DataRow dataRow = dataTable.NewRow();
                        foreach (string current in dictionary.Keys)
                        {
                            dataRow[current] = dictionary[current];
                        }

                        dataTable.Rows.Add(dataRow); //循环添加行到DataTable中
                    }
                }
            }
            catch (Exception e)
            {
            }
            result = dataTable;
            return result;
        }

using Aspose.Cells; 

public static Workbook OutFileToDisk(DataTable dt, string tableName, string sheetname = "", string path = "") { Workbook workbook = new Workbook(); //工作簿 Worksheet sheet = workbook.Worksheets[0]; //工作表\ if (!string.IsNullOrEmpty(sheetname)) { sheet.Name = sheetname; } Cells cells = sheet.Cells;//单元格 //为标题设置样式 Style styleTitle = workbook.Styles[workbook.Styles.Add()];//新增样式 styleTitle.HorizontalAlignment = TextAlignmentType.Center;//文字居中 styleTitle.Font.Name = "宋体";//文字字体 styleTitle.Font.Size = 18;//文字大小 styleTitle.Font.IsBold = true;//粗体 //样式2 Style style2 = workbook.Styles[workbook.Styles.Add()];//新增样式 style2.HorizontalAlignment = TextAlignmentType.Center;//文字居中 //style2.Font.Name = "宋体";//文字字体 //style2.Font.Size = 14;//文字大小 style2.Font.IsBold = true;//粗体 style2.IsTextWrapped = true;//单元格内容自动换行 style2.Borders[BorderType.LeftBorder].LineStyle = CellBorderType.Thin; style2.Borders[BorderType.RightBorder].LineStyle = CellBorderType.Thin; style2.Borders[BorderType.TopBorder].LineStyle = CellBorderType.Thin; style2.Borders[BorderType.BottomBorder].LineStyle = CellBorderType.Thin; //样式3 Style style3 = workbook.Styles[workbook.Styles.Add()];//新增样式 //style3.HorizontalAlignment = TextAlignmentType.Center;//文字居中 style3.Font.Name = "宋体";//文字字体 //style3.Font.Size = 12;//文字大小 style3.Borders[BorderType.LeftBorder].LineStyle = CellBorderType.Thin; style3.Borders[BorderType.RightBorder].LineStyle = CellBorderType.Thin; style3.Borders[BorderType.TopBorder].LineStyle = CellBorderType.Thin; style3.Borders[BorderType.BottomBorder].LineStyle = CellBorderType.Thin; int Colnum = dt.Columns.Count;//表格列数 int Rownum = dt.Rows.Count;//表格行数 //插入图片 //FileStream fs = new FileStream(HttpContext.Current.Server.MapPath("~/Scripts/Image") + "/excelImage.png", FileMode.Open); //byte[] byteData = new byte[fs.Length]; //fs.Read(byteData, 0, byteData.Length); //fs.Close(); //cells.Merge(0, 0, 1, Colnum);//合并单元格 //cells[0, 0].PutValue(byteData);//填写内容 //cells.SetRowHeight(0, 38); sheet.Pictures.Add(0, 0, HttpContext.Current.Server.MapPath("~/Scripts/Image") + "/excelImage.png", 165, 43); //生成行1 标题行 cells.Merge(1, 0, 1, Colnum);//合并单元格 cells[1, 0].PutValue(tableName);//填写内容 cells[1, 0].SetStyle(styleTitle); cells.SetRowHeight(0, 38); //生成行2 列名行 for (int i = 0; i < Colnum; i++) { cells[2, i].PutValue(dt.Columns[i].ColumnName); cells[2, i].SetStyle(style2); //cells.SetRowHeight(1, 25); } //生成数据行 for (int i = 0; i < Rownum; i++) { for (int k = 0; k < Colnum; k++) { cells[3 + i, k].PutValue(dt.Rows[i][k]);//.ToString() cells[3 + i, k].SetStyle(style3); } //cells.SetRowHeight(2 + i, 24); } return workbook; //workbook.Save(path); }

 

    function GridtoExcel(grid, listname, sheetname) {
        var records = [];
        var colu = [];
        for (var i = 1; i < grid.columns.length; i++) {
            if ((grid.columns[i].text === "") || (grid.columns[i].getId() === "")) {
            }
            else {
                var dic = new Object();
                dic.text = grid.columns[i].text;
                dic.value = grid.columns[i].dataIndex;
                colu.push(dic);
            }
        }
        if (grid.getStore().data.items.length > 0) {

            for (var i = 0; i < grid.getStore().data.items.length; i++) {
                var object = new Object;
                var item = grid.getStore().data.items[i].data;
                for (var j = 0; j < colu.length; j++) {
                    var daIndex = eval([colu[j].value]);
                    object[colu[j].text] = item[daIndex[0]];
                }
                records.push(object);
            }
        }
        else {
            var object = new Object;
            for (var j = 0; j < colu.length; j++) {
                object[colu[j].text] = null;
            }
            records.push(object);
        }

        if (records.length > 0) {
            var tempForm = document.createElement("form");
            tempForm.action = ‘/Home/GridToExcel‘;
            tempForm.method = "POST";
            tempForm.target = "_blank";
            var hideInput = document.createElement("input");
            hideInput.type = "hidden";
            hideInput.name = "ExportContent"
            hideInput.value = Ext.JSON.encode(records);
            tempForm.appendChild(hideInput);
            var hideInput1 = document.createElement("input");
            hideInput1.type = "hidden";
            hideInput1.name = "listname"
            hideInput1.value = listname;
            tempForm.appendChild(hideInput1);

            var hideInput2 = document.createElement("input");
            hideInput2.type = "hidden";
            hideInput2.name = "sheetname"
            hideInput2.value = sheetname;
            tempForm.appendChild(hideInput2);

            tempForm.style.display = ‘none‘;
            //   tempForm.get(0).encoding = ‘application/json‘;
            document.body.appendChild(tempForm);
            tempForm.submit();
            document.body.removeChild(tempForm);
        }
        else {
           //
        }


    }

 

从客户端(ExportContent="...ontinuous <br />Pass Count":13...")中检测到有潜在危险的 Request.Form 值。

标签:als   frame   des   解决办法   传递   double   append   export   put   

原文地址:http://www.cnblogs.com/hqyj/p/7241600.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!