In my page, there are a lots of toolkit controls and gridvidw. Sometime when I postpack partially inside a UpdatePanel, I got the following message in a popup message box:
Invaid postback or callback argument. Event validation is enabled using <pages enableEventValidation="true"/> in configuration or <% Page EnableEventValidation="true" %> in page. For security purposes,this fuature verifies that arguments to postbalc or callback events originate from the server control that orginally rendered them. If the data is valid and expected, use the ClientScriptManager.RegiterForEventValidation method in order to register the postback or callback data for validation.
For example, in gridview with paging, when I click on page numnber, sometimes the above message will come out. It comes out randomly. If I refresh the page, it will fix this issue.
How to solve this issue?
A potentially dangerous Request.Form value was detected from the client (ctl00$ctl00$ctl00$ctlToAdd1$ctl00$ctlHeaderFooter$ctl00$txtPageHeader="<p>DO NOT ATTEMPT TH...").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.
Exception Details:System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (ctl00$ctl00$ctl00$ctlToAdd1$ctl00$ctlHeaderFooter$ctl00$txtPageHeader="<p>DO NOT ATTEMPT TH...").
Source Error:
[No relevant source lines]
Source File:c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\siteseasytest\b32181f7\172c3a32\App_Web_yzjzpobg.2.cs Line:0
Stack Trace:
[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (ctl00$ctl00$ctl00$ctlToAdd1$ctl00$ctlHeaderFooter$ctl00$txtPageHeader="<p>DO NOT ATTEMPT TH...").]
System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName) +3219550
System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName) +108
System.Web.HttpRequest.get_Form() +119
System.Web.HttpRequest.get_HasForm() +57
System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull) +2025201
System.Web.UI.Page.DeterminePostBackMode() +60
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6953
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +154
System.Web.UI.Page.ProcessRequest() +86
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +18
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.communitydefault_aspx.ProcessRequest(HttpContext context) in c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\siteseasytest\b32181f7\172c3a32\App_Web_yzjzpobg.2.cs:0
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +154
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +64
Jason, If you are using code behind to control what gets added to a PlaceHolder for instance...
In ATLAS - we simply issued the
UpdatePanelModal.Update();
Because viewstate would get mucked up. (Article on my blog about this)
In Beta - I find that anytime you issue that command - it causes the error ... I think when mode is conditional - it works but not sure - as I am being forced to use always due to databound controls dissapearing on a modal popup and have not heard any feedback on the issue...
If you are not using code behind to handle - can you post a simple code example that demonstrates the issue?
Jason, I have written down the message text in message box. Forget the pic.
jodywbcb, what's your post for my question?
No comments:
Post a Comment