Why disable would be a security issue?
On Sep 15, 3:23 pm, "Juan M. Oviedo" <[email protected]> wrote: > Disable??? That would be a security issue! > > Juan M. Oviedo > > Date: Mon, 14 Sep 2009 20:41:59 +0200 > Subject: [DotNetDevelopment] Re: "Failed to load view state" > From: [email protected] > To: [email protected] > > Well, it looks like that is the problem...Try not to hide it, but to disable > it :) > > 2009/9/14 Ana <[email protected]> > > I came back to the page I was working before to see if I find what is > > firing this error message. I just realized that, even though I'm not > > creating controls dynamically, I'm showing/hiding controls dynamically > > in the FormView. For instance, some fields can only be updated if the > > user is the administrator; when the user is not the administrator, > > what I'm doing is hide the control (usually a TextBox). Can this be > > the reason why I'm having the error message? > > Thanks, > > Ana > > On Sep 14, 9:48 am, Ana <[email protected]> wrote: > > > Hi, > > > Apparently what was happening was that in the EditItemTemplate the > > formView had a Label, but in the InsertItemTemplate and ItemTemplate > > this Label was not there. I removed the Label from the > > EditItemTemplate and the error message is not being fired anymore. Can > > anyone give me more details about this? > > > Thanks, > > > Ana > > > On Sep 14, 9:32 am, Ana <[email protected]> wrote: > > > > This problem is really driving me nuts! I'm working in a diferent page > > > now, and am having the same problem (always associated with a > > > formview). In the page I'm working now, the problem happened when I > > > updated a record. I updated a record in the FormView, the GridView was > > > bound correctly, but when I tried to update another record the "fail > > > to load view state" error was fired again. > > > I'm not creating any controls dinamically. I can't understand what is > > > happening at all! > > > I don't think that make EnableEventValidation="false" is the better > > > way to solve this problem. As you said, Raghupathi, "we are giving a > > > way to hacker to intrude by disabling the event validation". > > > Anyone here already had this problem and can help me with this? I > > > appreciate all help! > > > > Thanks, > > > > Ana > > > > On Sep 9, 11:55 pm, Raghupathi Kamuni <[email protected]> wrote: > > > > > To solve this problem, > > > > > <pages enableEventValidation="false"/> in Web.Config or, > > > > <%@ Page EnableEventValidation="false" %> in a page attribute > > > > > By doing this, we are giving a way to hacker to intrude by disabling the > > > > event validation. > > > > > This can be prevented by use of RegisterForEventValidation methods of > > > > ClientScriptManager class > > > > > We need to register the server control ID with the all the possible > > > > values > > > > that can be posted by JavaScript by that control in Render Event of the > > > > page > > > > using > > > > > ClientScript.RegisterForEventValidation() > > > > > Check out this for the relavant > > > > articlehttp://www.codedigest.com/Articles/ASPNET/221_Using_JavaScript_Effect... > > > > > On Wed, Sep 9, 2009 at 11:24 PM, Raghupathi Kamuni > > > > <[email protected]>wrote: > > > > > > ViewState and Dynamic Control > > > > >http://geekswithblogs.net/FrostRed/archive/2007/02/17/106547.aspx > > > > > >http://weblogs.asp.net/alessandro/archive/2008/01/04/failed-to-load-v... > > > > > > On Wed, Sep 9, 2009 at 11:01 PM, Ana <[email protected]> > > > > > wrote: > > > > > >> Hi, > > > > > >> In my page I have a Gridview and a FormView. For each row in the > > > > >> GridView, there's a linkButton *Details* that shows the FormView with > > > > >> the information about the selected record in the GridView. > > > > >> In the FormView, users are able to edit and delete records. However, > > > > >> every time I cancel the editing of a record and try to see the > > > > >> formview for this record (clicking in *Details* on the GridView), I > > > > >> have the following error message: > > > > > >> -- > > > > >> Failed to load viewstate. The control tree into which viewstate is > > > > >> being loaded must match the control tree that was used to save > > > > >> viewstate during the previous request. For example, when adding > > > > >> controls dynamically, the controls added during a post-back must > > > > >> match > > > > >> the type and position of the controls added during the initial > > > > >> request. > > > > >> -- > > > > > >> What is happening here? Why this error message in being fired? > > > > > >> Thanks in advance, > > > > > >> Ana
