Custom control with invalid property generates no error - asp.net

for examle
<app:CustomDropDown ID="test" runat="server" InvalidProperty="SOMETHING" />
This does not generate an error. Sometimes i spend hours trying to figure out why my custom controls are displaying no data. Most of the time it turns out they are using and old non existing property and yet no error is generated on execution.
What could cause this?

You're not getting an error because, technically, there's nothing wrong with the markup. ASP.NET will pass any un-recognized attributes through to the page.
This can be useful if you want to use some non-standard attributes to store extra data for some reason and then access it later through the DOM.

Related

Error: Document (get by id) is not declared

Someone just quit at my job and I inherited the web project he was working on.
I have little experience with asp/vb and I might be missing something obvious here, but there is my problem:
I am experiencing this strange error where I'm trying to access the elements of my aspx page with Document.getElementByID() in but I only get the error " 'Document' is not declared. It may be inaccessible due to its protection level".
I get this error on all the pages I try to access Document to find the elements. There is no previous reference to "Document" in the code, so it is possible the problem has been there since the beginning but never got noticed.
I tried calling Document in different function/scope and the error persist. I also verified that all the pages inherit from System.Web.UI.Page. I have no other issue with the project, the pages render correctly and I can access the elements generated by the "Code Gen File".
I was wondering if there could be some references missing to the project or if there could be anything that I haven't checked that would explain this.
document.getElementById() is a client side JavaScript function.
Your aspx page is a server side web form.
You can't access client side functions in your code behind like that.
To reference server side controls (like those defined in you aspx page) you can simple use their 'id' property in the aspx

Compiling with wrong attributes

We have an asp.net custom control which is used in our webforms asp.net project. I renamed a control's property and expected to get a compile time error in a place where this property is used as an attribute but it doesn't happen. Why is it so?
ASP.NET markup isn't actually schema-checked, at compile time or even at runtime. You're perfectly within your rights to write any old tag soup you like - ASP.NET won't complain unless you explicitly do something that doesn't make sense.
<asp:Label runat="server" fjsdkfj="sdjkfldskfls">Hello</asp:Label>
Put the above on an aspx and you will get no complaint at compilation, nor even at runtime - you'll just get
<span fjsdkfj="sdjkfldskfls">Hello</span>
send to the browser. However, do
<asp:Label runat="server" fjsdkfj="sdjkfldskfls" Height="ohdear">Hello</asp:Label>
and at runtime you'll get a parser error, as ASP.NET attempts to convert ohdear into a height value.
To find this second type of error earlier, you can use ASP.NET precompilation. To find the first category of errors, I know of no other way than testing - even ReSharper appears not to offer any useful inspection.

RegisterExpandoAttribute - Throwing Error

Recently, I discovered that using: someControl.Attributes.Add("customAttr", "customVal") is not compatible with all web browsers. The recommended registration for custom attributes is:
Page.ClientScript.RegisterExpandoAttribute(someControl.ClientID, "customAttr", "customVal")
Okay, here's the problem. I am using a ListView to generate a custom control. In certain scenarios, the ListView must be refreshed/recreated. When this happens, and a ListView item attempts the register (in this case, re-register) the expando attribute, the page throws the following error:
An entry with the same key already exists.
Obviously RegisterExpandoAttribute() does not behave like the Page.Cache object where if a key already exists, the current value is overwritten. I can easily hack my way past this problem but I wonder if there is a more elegant solution to this. For example, there is no method like: Page.ClientScript.IsExpandoAttributeRegistered(...)
Any ideas?
If you're creating a custom control, try doing the RegisterExpandoAttribute call during the control PreRender. I was having issues with the attribute still being registered if the control had been removed and doing that fixed my issue. I would imagine that if you're calling RegisterExpandoAttribute in the PreRender for the control then it shouldn't be called more than once per page load.

ASP.Net error: A potentially dangerous Request.Form value was detected from the client

I am getting this error in my asp.net page:
A potentially dangerous Request.Form value was detected from the client (ctl00$DefaultContent$UCSimpleSearch$txtFind="$%^&#%^&##%#").
I get this error when I type $%^&#%^&##%# in a textbox of this page and hit submit.
How do I overcome this error?
Is it recommended to set validateRequest=false in the Page directive to get rid of this?
Setting ValidateRequest to false is one way to work around this error. What you have to decide is whether or not any of these characters are valid input characters for your form. If they are then you need to turn this off and ensure that you handle all user input correctly.
I can't seem to find a list of the dangerous characters, so if anyone knows one it would be of value to have a link to it.
Some good information can be found here.
As a general rule you should always be html encoding any data you place on your site so turning this off should not cause any harm. However if you are not sure if you are, it is best to leave it on and not allow this data in your form.
putting validateRequest=false in the page directive should only be done if you're sure you're going to validate it yourself and you want to have anything anyone can think of to be posted to your server.
if that string you typed in is valid input you will need to disable request validation.
Is it recommended to set validateRequest=false in the Page directive to get rid of this?
If you can handle the validation of the textbox input explicitly, why not?
It means that you can't post values containing HTML tags to the server, It was added very earlier versions of .net framework for security reasons
If you have to enable users posting html tags you can add validateRequest="false" to the page directive

Limit allowable child control types in an ASP.NET templates control

I'm trying to limit the possible types of controls that can be put in to the templated area of a templated control in ASP.NET. Does anyone know how to do that?
/Asger
I'm not sure it makes sense to do this with a template, per se. A template is a property of type ITemplate. I suppose your designer code could attempt to limit what goes into the template, but that's really against the paradigm.
Perhaps what you want is to override the Control.AddParsedSubObject method, or else implement a ControlBuilder to get serious about it.
John,
Thank you very much for those pointers! That'll get me further.
I'm not quite sure, why it doesn't make sense though... for example inside a DataGrids column property only certain child-controls are allowed:
BoundColumn
ButtonColumn
EditCommandColumn
HyperLinkColumn
Any other control inserted in will cause compile errors: Error 4 Validation (ASP.Net): Text is not allowed between the opening and closing tags for element Columns'.
/Asger

Resources