I'm using an Ajax update panel and have recently added ASP.NET tracing code to aid in debugging. All of the sudden I started getting PageRequestManagerParseErrorExceptions when any Ajax code is executed.
For example:
Trace.Write("Done setting employeeId.");
Apparently this is because I am not allowed to use "server tracing" along with Ajax. (according to this post by Eilon Lipton).
Is this true? Am I not allowed to use the awesome ASP.NET tracing mechanism? It would be a shame.
Setting pageOutput="false" on the trace element in web.config seems to solve the problem.
Use ASP.NET tracing, but rather write to the normal diagnostics trace by setting the writeToDiagnosticsTrace attribute to "true" (this is on the trace element in your web.config file).
Related
I have a site that uses a .net security module to secure certain areas of the website. It's not working, the pages that should be password protected are not. Other than that, the site doesn't throw any errors.
I don't have access to the code, and the module doesn't seem to log anything.
Is there an IIS or .Net log of loading/calling httpModules? I feel like it's not loading/calling it, and it's just not telling me.
My web.config has this snippet, which loads the module:
<httpModules>
<add name="MyApp.SecurityModule" type="MyApp.Host.Security.WebForms.SecurityModule" />
</httpModules>
You can use Modules property in global.asax class to inspect the http modules that are loaded and associated with the application - use any request event such as BeginRequest or PostMapRequestHandler.
However, I don't think this would be an problem - if you are configured the module in the web.config then it would be loaded. If there are any issues then the ASP.NET will report an error. Most probably, http module code must be working in a certain way or needs certain per-conditions that are not being met.
Use tools such as Reflector or ILSpy to inspect & de-compile your application assemblies - check the code for the said type (MyApp.Host.Security.WebForms.SecurityModule) - frankly speaking, in the absence of documentation/commented code, it would be the only option to figure out how exactly your module is supposed to run (and then trouble-shoot accordingly).
Have you thought about using something like Glimpse: http://getglimpse.com/
If may help you debug the issue a little better.
I am not able to get the actual cause of this error in my Web Application.I am using IIS7.0 and .Net FrameWork 4.0
You have inputted html tags in the input field,
Put validateRequest="false" in your page directive or web.config file.
http://msdn2.microsoft.com/en-us/library/ms972967.aspx
You're posting some values that are or resemble HTML. Are you using ASP.NET MVC? If so, I blogged a solution here: specify the attribute ValidateInput(false) on the controller method and everything will work.
But make sure this is the right solution. Does your app allow posting of HTML? If so, this is what you need to do; if not, you're just opening a security loophole.
We have a site were trusted users can add some Javascript tracking code into a text box for submitting, so naturally we have turned off Validation by adding the ValidateRequest="false" into the Page Directive.
However it we seem to be getting the error again all of a sudden : A potentially dangerous Request.Form value was detected from the client , Now we cant add ValidateRequest="false" into the Config or the Master page this page inherits from. So how do I allow Javascript to be posted, what is overridding the ValidateRequest?
We are using .Net 3.5
Probably something else, not the Page, is triggering the error due to the breaking changes made in the framework.. if you can't edit the web.config I fear you're pretty much stuck.
The following error occurs when my webpage is idle for more than 5 min.
Error: Sys.WebForms.PageRequestManagerServerErrorException: Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.
Source File: http://www.dial4jobz.com/ScriptResource.axd?d=Xl5p0QQ_qaR3K9bIVhwC3LyqjOX_oAKyeLj_-uS5j1VoFExVtm3XAHiq64EGJt04xntLJvh-9y3pvN3dvKgg5b6sQwkFvX7GT4f0aKn7iyc1&t=73e6f815
Dono, wat is the cause of this error.. I'll open a web page and after 5 min when I'm accessing it, it is showing this sort of error.. I don't hav any clue that why this error occurs.. Plz, give me any idea???
use the below code and try
<pages validateRequest="false" enableEventValidation="false" viewStateEncryptionMode ="Never" />
if u need more info kindly refer the link below,
http://blogs.msdn.com/tom/archive/2008/03/14/validation-of-viewstate-mac-failed-error.aspx
http://forums.asp.net/p/955145/1173230.aspx
I had the same issue, this is the two solutions I found and that might help if you are not using a WebFarm:
1. Disable ViewState MAC
On your page (.aspx) #Page directive you can add the attribute EnableViewStateMac="false". By doing this that will disable the check and then the issue will goes away.
Unfortunately Microsoft doesn't recommend to do this for security reasons:
This attribute should never be set to false in a production Web site,
even if the application or page does not use view state. The view
state MAC helps ensure the security of other ASP.NET functions in
addition to view state.
Source: Microsoft
2. Check HTML
There is a bug in ASP.Net causing this issue when the "action" attribute is set in your <form> tag. For example:
<form runat="server" action="page.aspx">
By removing this attribute that will remove the issue, so you should now have something like:
<form runat="server">
Obviously this solution may raise other issues, it depends on your application. One big problem is when using Ajax to load pages.
3. Avoid ViewStates
In some cases when using Ajax it could be very easy to get rid of ViewStates. You can send Ajax requests to your server for performing operations and then display the result, no need to use a ViewState. By doing this you won't have an issue about the ViewState validation.
I also found other suggestions on those pages that might help you if what said above doesn't fix your problem.
Hai vaishu,
Have a look at this validation-of-viewstate-mac-failed-error
I have a simple ASP.NET 3.5 SP1 Web Forms app... I've added the System.Web.Routing DLL, and I've made a simple route that returns a standard ASP.NET Page as the "IHttpHandler".
All is good... except that HttpContext.Current.User is null ???
So, I did a little more digging (I put breakpoints in all the events in the Global.asax file). Normally, these breakpoints get hit (when I navigate to a standard ".aspx" page):
Application_BeginRequest
Application_AuthenticateRequest
Application_EndRequest
But, when using ASP.NET Routing... none of those events are firing. Am I missing something?
Assuming you're using IIS6, the alternative is to define a "wild card" extension handler. Adding this simple "catch all" mapping to IIS6 will enable it to process your extensionless requests. By default, the .NET installer maps ".aspx" to the aspnet_isapi.dll- that's why the .aspx extension works. To map requests with no extension to the APS.NET engine, you must tell IIS to look at every request.
Here's a quick article that explains the process:
http://haacked.com/archive/2008/11/26/asp.net-mvc-on-iis-6-walkthrough.aspx
Hope that helps and reduces the "lame" factor of your URLs. :)
-Todd
Found the freakish and bizzare (and stupid) answer :)
If you don't add ".aspx" to the end of your route, nothing fires in the Global.asax, meaning you don't get any BeginRequest, AuthenticateRequest, EndRequest, etc... Also, you don't get SessionState or anything.
So, the "fix" was for me to just change my route from this:
RouteTable.Routes.Add("Blah", new Route("Blah/{reportName}", new MyHandler());
to this:
RouteTable.Routes.Add("Blah", new Route("Blah/{reportName}.aspx", new MyHandler());
How completely lame :) ... but it's a fix none-the-less!
When you say
"If you don't add ".aspx" to the end of your route, nothing fires in the Global.asax, meaning you don't get any BeginRequest, AuthenticateRequest, EndRequest, etc... Also, you don't get SessionState or anything."
Will IIS log such requests in the log files or they are just anonymous? what about Application variables and ViewState?
sorry i haven't tested it yet, but just asking if you might already know?
i have checked application variable and Viewstate, these two are obviously working.. not sure about server logs :S