我有一个ASP.Net托管网站,它将结果列表显示为DataGrid或ASP.Net Repeater,并对结果进行分页。
如果通过按Previous / Next选项卡快速滚动页面,有时会抛出HttpUnhandledException并呈现调试页面而不是下一个结果列表。
调试屏幕如下:
System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.ArgumentException: Invalid postback or callback argument. Event validation is enabled using <pages enableEventValidation="true"/> in configuration or <%@ Page EnableEventValidation="true" %> in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation.
at System.Web.UI.ClientScriptManager.ValidateEvent(String uniqueId, String argument)
at System.Web.UI.Control.ValidateEvent(String uniqueID, String eventArgument)
at System.Web.UI.WebControls.LinkButton.RaisePostBackEvent(String eventArgument)
at System.Web.UI.WebControls.LinkButton.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
--- End of inner exception stack trace ---
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at ASP.contacts_default_aspx.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
但推荐的解决方案是设置为false,但这似乎会造成安全漏洞。这些评论推荐了几种替代方案,但由于它们需要在我的网站中使用的每个DataGrid或Repeater控件中添加代码,所以它们看起来都相当复杂。
是否有更通用的解决方案可以在不牺牲安全性的情况下完成?
答案 0 :(得分:9)
回发时未提供页面上的隐藏字段。 这些领域有几个,它们通常是ASP.Net提供的“魔术”所必需的。
在您的页面指令中,您可以在页面指令中将enableEventValidation = false设置为将其关闭,however that may not be desirable。
You can move the write code to move the elements to the top of the page
最后,我相当确定最近在Service Pack或3.5中修复了这个问题。
- 编辑 -
我刚刚找到了设置:RenderAllHiddenFieldsAtTopOfForm
根据MSDN,以下版本支持:3.5 SP1,3.0 SP2,2.0 SP2