----------------------------------------------------------- New Message on BDOTNET
----------------------------------------------------------- From: LovedJohnySmith Message 4 in Discussion Sonia: The Event validation checks the event and value are legal for the current postback. Background: asp 1.1 web sites had a common user coded security bug. many asp.net coders would control access to their site by disabling, making invisible, or changing the value of control that performed functions the user was not allowed. the onclick events would not recheck permissions, so a hacker could easily perform these functions by postiing a response that faked the button/value press (trival to do). so, in asp 2.0, the default is to only allow events for controls that were enabled, visible at page render, and that the value (in the case of a button and dropdowns,etc ) matched the renderd values. in your case, net is detecting that the value posted back was not on the list that it rendered, thus its detecting a a client hack. as you site is expecting this behavior, you need to turn off the default checking, ClientScriptManager.RegisterForEventValidation can be used for this, rather than turning it off for the whole page/site. Hope this clear.... Thanks, Smith http://spaces.msn.com/JohnySmith ----------------------------------------------------------- To stop getting this e-mail, or change how often it arrives, go to your E-mail Settings. http://groups.msn.com/bdotnet/_emailsettings.msnw Need help? If you've forgotten your password, please go to Passport Member Services. http://groups.msn.com/_passportredir.msnw?ppmprop=help For other questions or feedback, go to our Contact Us page. http://groups.msn.com/contact If you do not want to receive future e-mail from this MSN group, or if you received this message by mistake, please click the "Remove" link below. On the pre-addressed e-mail message that opens, simply click "Send". Your e-mail address will be deleted from this group's mailing list. mailto:[EMAIL PROTECTED]
