1 实现ihttpmodule using System; using System.Collections.Generic; using System.Text; using System.Web; using System.Web.Security;namespace DuwCompontents { public class DuwHttpModule : IHttpModule { #region IHttpModule Members void IHttpModule.Dispose() {
} void IHttpModule.Init(HttpApplication context) { context.Error += new EventHandler(context_Error);
实现ihttpmodule
using System;
using System.Collections.Generic;
using System.Text;
using System.Web;
using System.Web.Security;namespace DuwCompontents
{
public class DuwHttpModule : IHttpModule
{
#region IHttpModule Members void IHttpModule.Dispose()
{
} void IHttpModule.Init(HttpApplication context)
{
context.Error += new EventHandler(context_Error);
}
#endregion
void context_Error(object sender, EventArgs e)
{
//统一错误处理
HttpApplication application = (HttpApplication)sender;
HttpContext context = application.Context; DuwException excep = context.Server.GetLastError().InnerException as DuwException; if (excep == null) {
string message=context.Server.GetLastError().InnerException.StackTrace;
message.Replace("\r","<br/>");
excep = new DuwException(message,DuwExceptionType.UndefinedException);
}
string errorurl=String.Format("/error.aspx?type={0}&message={1}&returnurl={2}",excep.ExceptionType,context.Server.UrlEncode(excep.Message),context.Server.UrlEncode(excep.ReturnURL));
context.Server.Transfer(errorurl);
}
}
}2自定义异常类
其中1中的DuwException就是自己定义的异常类
定义如下
using System;
using System.Collections.Generic;
using System.Text;
using System.Web;namespace DuwCompontents
{ /// <summary>
/// 异常类
/// </summary>
public class DuwException : ApplicationException
{
#region 私有属性
private DuwExceptionType _Type;
private string _ReturnURL;
#endregion
#region 公有属性
public string ReturnURL{get { return _ReturnURL; }} public DuwExceptionType ExceptionType{get{return _Type;}}
#endregion
#region 私有方法
private void Init(DuwExceptionType type)
{
string returnurl = HttpContext.Current.Request.RawUrl;
if (HttpContext.Current.Request.UrlReferrer != null)
{
returnurl = HttpContext.Current.Request.UrlReferrer.ToString();
}
Init(type, returnurl);
}
private void Init(DuwExceptionType type, string returnurl)
{ _Type = type;
_ReturnURL = returnurl;
}
#endregion #region 构造 /// <summary>
/// 构造
/// </summary>
/// <param name="message">错误提示信息</param>
public DuwException(string message) : base(message) {
Init(DuwExceptionType.UndefinedException);
}
/// <summary>
/// 构造
/// </summary>
/// <param name="message">错误提示信息</param>
/// <param name="type">错误类型</param>
public DuwException(string message, DuwExceptionType type)
: base(message)
{
Init(type);
}
/// <summary>
/// 构造
/// </summary>
/// <param name="message">错误提示信息</param>
/// <param name="returnurl">指定返回页面</param>
public DuwException(string message,string returnurl):base(message){
Init(DuwExceptionType.UndefinedException, returnurl);
} /// <summary>
/// 构造
/// </summary>
/// <param name="message">错误提示信息</param>
/// <param name="type">错误类型</param>
/// <param name="returnurl">指定返回页面</param>
public DuwException(string message, DuwExceptionType type, string returnurl):base(message)
{
Init(type, returnurl);
}
#endregion
}
}DuwExceptionType是自己定义的错误类型枚举.你可以自由定义,偶的和你的可就不一样了3 修改web.config
<httpModules>
<add name="DuwHttpModule" type="DuwCompontents.DuwHttpModule,DuwCompontents"/>
</httpModules>
加入配置节DuwHttpModule ,其中type指明模块和第一步的类全名
<add type="DuwCompontents.DuwHttpModule" name="DuwHttpModule" />
</httpModules>最后一步,是不是在 error.aspx 获取 Request.QueryString[""],然后再按照 QueryString 写后台代码,显示出错信息?
DuwHttpModule写在另一个应用程序集(DuwCompontents)中,所以需要写明最后一步当然你可以随心所欲了,你可以按你自己的方式自由定义怎么显示和处理错误
中处理一些记录一些敏感的信息先
void context_Error(object sender, EventArgs e){
..................
switch(excep.ExceptionType){
case ....//越权操作
case .....//疑似攻击行为
//让我们记录日志,
break;
}
string errorurl=String.Format("/error.aspx?type={0}&message={1}&returnurl={2}",excep.ExceptionType,context.Server.UrlEncode(excep.Message),context.Server.UrlEncode(excep.ReturnURL));
context.Server.Transfer(errorurl);
}