TempData: Is It Safe?

前端 未结 5 2252
南笙
南笙 2021-02-18 15:04

I am using the TempData in order to preserve my model in when using a RedirectToAction. It works fine, but I have a nagging feeling that it might not b

5条回答
  •  南笙
    南笙 (楼主)
    2021-02-18 16:03

    I would go, whenever possible, for a fully stateless approach. It's more scalable and is not affected by problems with individual servers. Typically, you can just use a cookie (properly secured against tampering) to identify the user and pull the data from the database every time.

    Besides that, I also suggest you to evaluate whether you can use View instead of RedirectToAction. This:

    TempData["model"] = model;
    return RedirectToAction("SomeAction");
    

    Can be replaced with:

    return View("SomeAction", model);
    

    Of course assuming "SomeAction" is a valid view that is accessible from the current controller (it's either a view in the same ctrl or one defined in Shared) and that it's not just an intermediate action that redirects to another one.

提交回复
热议问题