我已在我的网络应用程序中处理了跨站点请求伪造。 我将Page.ViewStateUserKey设置为令牌,每次我都会对此进行验证。
一切正常。但当有人试图攻击应用程序时,我在页面上收到此错误。
Server Error in '/' Application.
Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.
因此,每当发生此错误时,我想将页面重定向到某个错误页面。 我无法做到这一点,请帮助我。
完整例外消息:
Server Error in '/' Application.
Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.
See http://go.microsoft.com/fwlink/?LinkID=314055 for more information.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details:
System.Web.HttpException: Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.
See http://go.microsoft.com/fwlink/?LinkID=314055 for more information.
Source Error:
[No relevant source lines]
Source File: c:\Users\vivek.nuna\AppData\Local\Temp\Temporary ASP.NET Files\root\a43ffebf\466ecc6a\App_Web_li3kudc3.0.cs Line: 0
Stack Trace:
[ViewStateException: Invalid viewstate.
Client IP: ::1
Port:
Referer:
Path: /CreateMerchantPage.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:32.0) Gecko/20100101 Firefox/32.0
ViewState: /wEPDwUJLTY5MTA0ODQzDxYCHg9PbGRNZXJjaGFudE5hbWVkFgJmD2QWAgIDD2QWAgIBD2QWCAIBD2QWBmYPFgIeEENhdXNlc1ZhbGlkYXRpb25oZAIBDxYCHwFoZAICDxYCHwFoZAIDD2QWBAIBD2QWAgIBDxYCHgdWaXNpYmxlaGQCAw9kFgYCDQ9kFgJmDxYCHgRocmVmBRlDcmVhdGVVc2VyTWFzdGVyUGFnZS5hc3B4ZAITDxYCHwJoZAIVDxYCHwJoZAILD2QWEgIBD2QWAmYPZBYCZg9kFgJmD2QWDGYPZBYEAgIPDxYCHwJoZGQCAw8PFgIfAmhkZAIED2QWBAIBD2QWAmYPEA8WBh4NRGF0YVRleHRGaWVsZAUFVmFsdWUeDkRhdGFWYWx1ZUZpZWxkBQNLZXkeC18hRGF0YUJvdW5kZ2QQFQQETm9uZQVMb2NhbAhSZWdpb25hbAhOYXRpb25hbBUEATAEMTAwMAQxMDAxBDEwMDIUKwMEZ2dnZ2RkAgMPZBYCZg8QZBAVAQAVAQAUKwMBZxYBZmQCBQ9kFgQCAQ9kFgJmDxBkEBUBABUBABQrAwFnZGQCAw9kFgJmDxBkEBUBABUBABQrAwFnZGQCBw9kFgQCAQ9kFgJmDxAPFgYfBAUFVmFsdWUfBQUDS2V5HwZnZBAVHQROT05FA0FVRANCSEQDQ0FEA0RLSwNIS0QDSU5SA0lMUwNKUFkDSk9EA0tSVwNLV0QDTVlSA09NUgNOWkQDTk9LA1FBUgNSVUIDU0FSA1NHRANaQVIDU0VLA0NIRgNUSEIDQUVEA0VHUANHQlADVVNEA0VVUhUdATACMzYCN...]
[HttpException (0x80004005): Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.
See http://go.microsoft.com/fwlink/?LinkID=314055 for more information.]
System.Web.UI.ViewStateException.ThrowError(Exception inner, String persistedState, String errorPageMessage, Boolean macValidationError) +116
System.Web.UI.ObjectStateFormatter.Deserialize(String inputString, Purpose purpose) +432
System.Web.UI.ObjectStateFormatter.System.Web.UI.IStateFormatter2.Deserialize(String serializedState, Purpose purpose) +8
System.Web.UI.Util.DeserializeWithAssert(IStateFormatter2 formatter, String serializedState, Purpose purpose) +40
System.Web.UI.HiddenFieldPageStatePersister.Load() +248
System.Web.UI.Page.LoadPageStateFromPersistenceMedium() +272
System.Web.UI.Page.LoadAllState() +36
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6704
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +245
System.Web.UI.Page.ProcessRequest() +72
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +21
System.Web.UI.Page.ProcessRequest(HttpContext context) +58
ASP.createmerchantpage_aspx.ProcessRequest(HttpContext context) in c:\Users\vivek.nuna\AppData\Local\Temp\Temporary ASP.NET Files\root\a43ffebf\466ecc6a\App_Web_li3kudc3.0.cs:0
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +341
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +69
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.34237