正如标题所说,这可能吗?我有一个项目,在某些情况下,我需要禁用页面上的按钮.我已经设置了一个标志,根据该标志在控制器中进行一些判断,相应地设置按钮禁用.如果要禁用该按钮,则包括"disabled"(如果不禁用),则没有文本,因为我发现disabled="enabled"仍然禁用该按钮.
我的问题是如何阻止某人通过F12开发人员工具改变这一点?我可以加载该元素,删除禁用属性,嘿,立即它不再禁用.我如何/可以停止这种行为?有没有办法让它比这更永久?
我正在使用System.Web.Mvc.dll v5.2.9.0
As others have mentioned, you can't control what other users are doing. If you are already checking in your controller if the button should be enabled, then the proper solution is to also disable the endpoint at the same time so nothing happens or it returns an error page if they click on it anyway.
As a side note: You are correct, it only cares if the word disabled is there. Disabled="disabled" is normally done to make it compatible with xhtml. It does not matter at all what is in the quotes. They are ignored.
我们项目中的真实代码:
if (!order.CanEdit())
return PartialView("_ErrorDialog", "Order cannot be edited.");
else if (!order.CanBeTransferred())
return PartialView("_ErrorDialog", "Invalid status. Cannot transfer this order");
else if (order.IsTransfer)
return PartialView("_ErrorDialog", "Cannot transfer an existing transfer.");
您不应该仅仅依赖html来阻止功能. 或者,如果这是所有回发,您不能仅仅将按钮呈现为禁用,您可以将操作更改为#.但这并不是愚蠢的证据,因为有人仍然可以try 直接呼叫您的端点.