I have a C# ASP.NET MVC application. The application presents the user with a bootstrap styled login box. When the user enters his/her user ID and password, that information is passed to the Mainpage controller. The controller picks up the passed data and sends it to a custom build web service API. The API validates the passed user ID and password and if the validation is passed, the API returns basic login information regarding the user. The Mainpage controller takes that returned information, reformats it, and sends it along to a second custom web service API. This second API takes the passed data, retrieves the participant information from a master database, and sends back a response. The Mainpage controller then parses the response and populates a class and the class is passed to the view. The view displays the data. This all works as anticipated.
The question I have is in regard to the url that appears in the url box at the top of the browser. When the View displays the webpage, the url that displays in the url box at the top of the browser contains the data elements that were passes to the custom API. Here is a picture of the url box:
Obviously, I can not have user information showing in the url box.
How can I prevent the view from displaying this information? I have no problem showing localhost:5001/MainPage (localhost: as this is currently in development) but I can not have the parameter fields and the data passed in those fields displaying.
Thanks.
EDIT #1:
The code in my Mainpage controller builds a url string and uses the following code to send the data to the API:
public MQ mq6000Send(string passedMQMessage)
{
var mqResponseObject = new MQ();
var localAPIReturn = new APIReturn();
var url = "https://xxxxxxx-direct.com/api/homepage?mqRequest=" + passedMQMessage;
HttpClient client = new HttpClient();
var APIResponse = client.GetStringAsync(url).Result;
APIResponse = APIResponse.Substring(1, APIResponse.Length - 2);
APIReturn tempData = JsonConvert.DeserializeObject<APIReturn>(APIResponse);
mqResponseObject.MQResponse = tempData;
return mqResponseObject;
}
Related
I'm using docusign-csharp-client and following code snippet to receive the view url for completed envelope, and suppose to be redirected to returnUrl once close action would be performed by the user, who consumes the generated link.
var link = _envelopesApi.CreateViewLink(accountId, envelopeId, new ViewLinkRequest { ReturnUrl = returnUrl, Email = consumerEmail });
As a result user receives an envelope view, but after closing it she gets redirected on my docusing account home page instead of expected returnUrl.
Is there any straightforward way to achieve what I need in Embedded Workflows?
Display the completed document
Redirect consuming user to my return url
It's demo account.
I'd use the embedded recipient view. It can be used even after the recipient has viewed.
Or an easier answer is to fetch the documents from DocuSigh to your server and then show them to your users as appropriate.
The ViewLink method doesn't do what you want and is deprecated.
Currently I have a MVC Registration page which is implemented in an external website.
My question is I need to now extract the previous website's querystring for a certain parameter and read it into my page to register a user into the designated group.
So the workflow looks as follows :
User hits the external website (example: www.test1.com/default.aspx?Code=123asd) with a code in the querystring
user selects Register Now and gets directed to my page.
How will I be able to read the previous querystring code into my MVC page? I do not have access to that website.
EDIT
I currently have a foreach statement which reads the current querystring but this is not pulling the previous request's querystring:
private static string getCode()
{
string nothing = null;
string[] queryStringParaArray = HttpContext.Current.Request.UrlReferrer.Query.Substring(1).Split('=');
if (queryStringParaArray.Length > 0)
{
foreach (var para in queryStringParaArray)
{
if (para.Contains("Code"))
return queryStringParaArray[2];
}
}
return nothing;
}
Have you tried HttpRequest.UrlReferrer property which contains URL of the client's previous request that linked to the current URL. This returns a Uri object and thus you can access the Query property to get the query string value of it.
HttpContext.Request.UrlReferrer
**SideNote: As already commented, there is no guarantee that the referred URL would be present and thus it could be null as well. So would suggest you to pass that query string information directly to your MVC controller while clicking on Register button.
In my application, i am storing an object into session which is passed to a web service to return data to display in a table. If the session exists, then it will not ask the user to input fresh data. However, if a user selects a link called "New List", then the session data will be cleared and the user prompted to enter new data.
In my code, i have an anchor defined like so:
New List
Which will trigger this Controller Action:
public ActionResult NewList()
{
Session["new_list"] = "y";
return RedirectToAction("List");
}
And then continue to execute this action:
public ActionResult List()
{
if ((string)Session["new_list"] == "y")
{
//clear session variables, load fresh data from API
}else{
//display blank table. Ask user to input data to retrieve a list
}
....
}
Now, the issue i have is when a user navigates away from the list page, and then navigates back with the browser's back button, it is still calling newlist. In the history of the browser, instead of storing List it is storing newlist which is causing the session variable to clear. What can i do to stop this from happening or is there a different mechanism to use in c# mvc that can help me achieve the desired effect.
Your main problem here is that the NewList action uses GET when it should really be a POST.
A GET request is never supposed to alter the state of a resource, but simply return the current state of the resource; while a POST request allows for the altering of a resource.
Because you allow the NewList action to be called with a GET request, the user's browser assumes (quite rightly on its part) that nothing bad/undesired will happen if it simply repeats the request in the future, e.g. when a user uses the back button.
If instead a POST request is issued, a user browser will never re-issue the request without the user confirming they actually intended to re-issue it.
The solution to your problem then is modify this to the standard PRG pattern: POST/Redirect/GET; that is, send a POST request to perform the state change, redirect the user browser to another page, and GET the result page. In this scheme, pressing the back-button would effectively "skip" over the state change action and go the previous page the user was on.
To accomplish this in MVC:
[HttpPost]
public ActionResult NewList()
{
//clear session variables, load fresh data from API
return RedirectToAction("List");
}
public ActionResult List()
{
// whatever needs to happen to display the state
}
This does mean that you can't provide the "New List" action directly as a hyperlink in the page, as these will always issue GET requests. You will need to use a minimal form like so: <form method="post" action="#Url.Action("NewList", "Alert")"><button type="submit">New List</button></form>. You can style the button to look like a normal hyperlink as desired.
The reason it storing NewList is because you are redirecting to "Alert/NewList", and its the string in your URL for making hit to "NewList" Action, So whenever you are try back button the browser gets this "Alert/NewList" URL, hence its making hit to action "NewList".
But now, I am not getting why the session gets clear. because you are initializing the session in "NewList" itself. Still i suggest you to use local-storage to assign values with session.
Hello Friends...
I have a mvc project and a form with a attachment box (such as yahoo mail compose)
for example "create_request.cshtml"
I want:
each user fill the fields and upload his/her files (i post each file by Ajax when the user select any one) and after submit the form, if the page has error (checked server side), user see the uploaded files in the response page (response form with highlighted errors)...
I implemented the above scenario very nice:
(Ajax+ Tempdata+ save the files server side befor submit + Thumbs of uploaded files befor submit the form)
in my controller:
public void KeepTempData(string name, string value)
{
TempData[name] = value;
}
in my view i send each file name to the server after i upload it by another ajax codes:
ajaxPostData(KeepTempData, "Attachments", $('#Attachments').val());
But i have a problem:
Because i used TempData for keeping list of uploaded filenames, if the user attach a file in the current page then opens a new Tab in her/his browser and goes to the "create_request" page address. He/She see an empty form with a attached file...
My Solution:
Maybe I can solve this problem with a unique key for each page (each form) and keeping it in a session variable and a hidden field for each page request>> using: "Anti Forgery Token with a Salt" or "DateTime.Now"
I found This post on the web. its problem is like as my problem. and its solution is like as my solution.
What is appropriate solutions in MVC for this problem???
What is your recommendation for using TempData's (or Session's) without any conflict when user have different requests of a pages in some tabs of a browser (like firfox)???
TempData has very short lifespan. You should use Session instead of TempData.
Infact session object is the backing storage behind TempData. But the data stored in TempData is available to the current request and Subsequent request.
I Solved this problem by:
Get a key from querystring
If the key is empty
I generate a new and unique key in the action of controller
Redirect the page to a new url with the key (as a querystring key-value)
Else
Adding the key to the ViewBag (for set a hidden field in view)
Save the key in a session variable.
.
public virtual ActionResult Create(string attkey)
{
if (string.IsNullOrEmpty(attkey))
{
attkey = generatNewNameForSession('key'); // for examle: kye_jhtyujbvkjadsgfvn
Response.Redirect("myControle/Create, attkey="+attkey), true);
}
ViewBag.AttachmentsKey = attkey;
if (Session[attkey] == null)
KeepData(attkey, "");
.
.
.
Now each instance of my page has a Identification and now i can decide shown or not shown the previously attached files.
I am using Access Control service (ACS). I fetched all identity providers (ip) which i set for my application using the following code :
public ActionResult IdentityProviders(string serviceNamespace, string appId)
{
string idpsJsonEndpoint = string.Format(Global.IdentityProviderJsonEndpoint, serviceNamespace, appId);
var client = new WebClient();
var data = client.DownloadData(idpsJsonEndpoint);
return Content(Encoding.UTF8.GetString(data), "application/json");
}
When user click over the signin link the above code called using ajax and get the ips and display them in jquery-ui dialog. And when user click any one of the ips for login the browser redirect to the selected ip login page. After successful login the control return to my control which i set as a returnUrl. Upto this every thing is works fine.
Now what i am trying to do is to pass some values to identity provider (ip) login page and want to get back those values at my returnUrl controller. For this i searched and came to know that there is a query string parameter known as wctx which we can set and get the value at return url. But i dont know how to do this. Can anybody please guid me how can i achieve this?
It is relatively (pretty) easy.
Your URL for listing IdPs looks something like this:
https://[your_namespace].accesscontrol.windows.net:443/v2/metadata/IdentityProviders.js?protocol=wsfederation&realm=[your_realm]&reply_to=[configured_return_url_for_your_rp]&context=&request_id=&version=1.0&callback=
This is the most complete request for list of Identity Providers. Your may miss some variables (such as context, or reply_to), but what I show is the complete request.
So now you have two options:
inclide your own reply_to parameter. It must be withing the configured realm. So if your realm is https://www.mygreatapp.com/, your default return URL would probably be something like https://www.mygreatapp.com/returnUrl/ (if your controller to handle ACS response is returnUrlController. Now, you can safely change the reply_to to be https://www.mygreatapp.com/returnUrl/?foo=bar, just make sure you URL Encode the query string.
Use the context parameter. It is safer to use and I would suggest using it. Now your URL for fetching list of IdPs will be something like:
https://[your_namespace].accesscontrol.windows.net:443/v2/metadata/IdentityProviders.js?protocol=wsfederation&realm=[your_realm]&reply_to=[configured_return_url_for_your_rp]&context=[your_custom_string_value_which_you_may_even_encrypt]&request_id=&version=1.0&callback=
Note the now there is context value present in the request for IdP list ([your_custom_string_value_which_you_may_even_encrypt]). In your returnUrl handler controller, you can check for it with code similar (or equal) to the following:
if (ControllerContext.HttpContext.Request.Form["wresult"] != null)
{
// This is a response from the ACS - you can further inspect the message if you will
SignInResponseMessage message =
WSFederationMessage.CreateFromNameValueCollection(
WSFederationMessage.GetBaseUrl(ControllerContext.HttpContext.Request.Url),
ControllerContext.HttpContext.Request.Form)
as SignInResponseMessage;
if (!string.IsNullOrWhiteSpace(message.Context))
{
// do whatever you want with the context value
}
}
You may want to perform any/more additional checks while handling the SignInResponse from ACS.