如果我的网站上传控件定义为:
<dx:ASPxUploadControl ID="ucStatement" runat="server" Width="200px"
ClientInstanceName="ucStatement" ClientVisible="true" AutoStartUpload="True"
OnFileUploadComplete="ucStatement_FileUploadComplete"
OnInit="ucStatement_Init"></dx:ASPxUploadControl>
ucStatement_FileUploadComplete定义如下,稍后使用ms时:
MemoryStream ms;
protected void ucStatement_FileUploadComplete(object sender, FileUploadCompleteEventArgs e)
{
if (!e.UploadedFile.IsValid)
return;
ms = new MemoryStream();
e.UploadedFile.FileContent.CopyTo(ms);
}
在服务器上,DID可以正常工作,但由于我们的安全技术人员更改了Web配置以符合某些安全注意事项,因此会引发错误:
服务器遇到阻止它的内部未指定错误 完成请求。
网络配置的变化显然在列表中很高,为什么这个功能不再起作用,但它们是非常小的变化,不应该对此产生影响。
从DevExpress网站上的各种帖子中了解到这一点,有很多原因可以解释为什么会抛出它以及如何减轻它。最相关的帖子为https://www.devexpress.com/Support/Center/Question/Details/KA18611
解决那里提出的问题:
1.1当总请求长度超过&#34; system.web&gt;所允许的最大值时,通常会发生此问题。 httpRuntime&gt;的maxRequestLength&#34; Web.config密钥
我只是尝试上传一个~4kb的文件,我按照建议设置了web配置:
<system.web>
<httpRuntime maxRequestLength="4096" />
...
</system.web>
和
<system.webServer>
...
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="30000000" />
</requestFiltering>
</security>
</system.webServer>
由于我不想强制执行Silverlight,我也不会将UploadMode更改为Advanced。
编辑:进一步调查显示DXR.axd中一个名为GetFakeIframeDocument的方法抛出错误,只有当DevEx工作人员说请求长度大于maxRequestLength但事实并非如此。你可以在这篇帖子底部的web.config中看到任何可以否定此设置的内容吗?或者根本不允许任何上传?
1.2当Web服务器返回意外的响应/代码时,也会发生这种情况。
他们建议将FileUploadMode更改为OnPageLoad。这样做会产生同样的错误。
1.3&#34;服务器遇到内部未指定的错误,导致无法完成请求&#34;在Web.config文件中启用跟踪也可能导致错误。
未在web.config中设置跟踪
1.4是否可以自定义/覆盖&#34;服务器遇到内部未指定的错误,导致其无法履行请求&#34;错误消息?
他们建议通过捕获所有CallBack错误来捕获错误。我已经这样做了:
void Application_Start(object sender, EventArgs e) {
DevExpress.Web.ASPxWebControl.CallbackError += new EventHandler(Application_Error);
}
void Application_Error(object sender, EventArgs e)
{
HttpServerUtility server = HttpContext.Current.Server;
Exception ex = server.GetLastError();
if (ex is HttpUnhandledException)
ex = ex.InnerException;
ProcessException(ex)
}
ProcessException执行许多不同的操作,写入事件日志,写入错误日志文件并插入SQL数据库。
如果应用程序的任何其他部分引发错误,则所有这些函数都有效。当Upload Control抛出错误时,不会记录任何内容。
那么,可能导致这种情况的原因是什么?为什么此错误不会触及Application_Error函数?我该怎么办?
以下是完整披露的web.config:
<configuration>
<configSections>
<sectionGroup name="devExpress">
<section name="themes" type="DevExpress.Web.ThemesConfigurationSection, DevExpress.Web.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" requirePermission="false" />
<section name="compression" type="DevExpress.Web.CompressionConfigurationSection, DevExpress.Web.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" requirePermission="false" />
<section name="settings" type="DevExpress.Web.SettingsConfigurationSection, DevExpress.Web.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" requirePermission="false" />
<section name="errors" type="DevExpress.Web.ErrorsConfigurationSection, DevExpress.Web.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" requirePermission="false" />
</sectionGroup>
</configSections>
<connectionStrings>
<add connectionString="xxxxx" name="myConnectionString" providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<httpCookies httpOnlyCookies="true" requireSSL="true"/>
<compilation debug="false" targetFramework="4.5">
<assemblies>
<add assembly="DevExpress.Data.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Web.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Web.ASPxHtmlEditor.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Web.ASPxSpellChecker.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Web.ASPxTreeList.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Web.ASPxThemes.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Web.ASPxPivotGrid.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Utils.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Office.v14.2.Core, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.RichEdit.v14.2.Core, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.SpellChecker.v14.2.Core, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Charts.v14.2.Core, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.XtraCharts.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.XtraGauges.v14.2.Core, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.XtraGauges.v14.2.Presets, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Web.ASPxGauges.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.XtraCharts.v14.2.Web, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Printing.v14.2.Core, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.XtraReports.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.XtraReports.v14.2.Web, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.XtraPivotGrid.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.PivotGrid.v14.2.Core, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.XtraScheduler.v14.2.Core, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Web.ASPxScheduler.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Spreadsheet.v14.2.Core, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
<add assembly="DevExpress.Web.ASPxSpreadsheet.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
</assemblies>
</compilation>
<authentication mode="Windows" />
<profile>
<providers>
<clear />
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/" />
</providers>
</profile>
<roleManager enabled="false">
<providers>
<clear />
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" />
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
</providers>
</roleManager>
<sessionState timeout="5"></sessionState>
<httpHandlers>
<add type="DevExpress.Web.ASPxUploadProgressHttpHandler, DevExpress.Web.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" verb="GET,POST" path="ASPxUploadProgressHandlerPage.ashx" validate="false" />
<add type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" verb="GET,POST" path="DX.ashx" validate="false" />
</httpHandlers>
<httpModules>
<add type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" name="ASPxHttpHandlerModule" />
</httpModules>
<globalization culture="" uiCulture="" />
<httpRuntime maxRequestLength="4096" requestValidationMode="4.0" executionTimeout="110" />
<pages validateRequest="true" clientIDMode="AutoID">
<controls>
<add tagPrefix="dx" namespace="DevExpress.Web" assembly="DevExpress.Web.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" />
</controls>
</pages>
<authorization>
<allow users="*" />
</authorization>
<machineKey decryption="AES" validation="AES" />
<trust level="Full" />
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
<add type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" name="ASPxHttpHandlerModule" />
</modules>
<handlers>
<add type="DevExpress.Web.ASPxUploadProgressHttpHandler, DevExpress.Web.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" verb="GET,POST" path="ASPxUploadProgressHandlerPage.ashx" name="ASPxUploadProgressHandler" preCondition="integratedMode" />
<add type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v14.2, Version=14.2.7.0, Culture=neutral, PublicKeyToken=b88d1754d700e49a" verb="GET,POST" path="DX.ashx" name="ASPxHttpHandlerModule" preCondition="integratedMode" />
</handlers>
<validation validateIntegratedModeConfiguration="false" />
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="30000000" />
<fileExtensions allowUnlisted="true">
</fileExtensions>
</requestFiltering>
</security>
<httpErrors errorMode="Custom" />
<httpProtocol>
<customHeaders>
<add name="X-Frame-Options" value="DENY" />
<add name="X-Content-Type-Options" value="no sniff"/>
</customHeaders>
</httpProtocol>
</system.webServer>
<devExpress>
<themes enableThemesAssembly="true" styleSheetTheme="" theme="Metropolis" customThemeAssemblies="" />
<compression enableHtmlCompression="false" enableCallbackCompression="true" enableResourceCompression="true" enableResourceMerging="true" />
<settings doctypeMode="Html5" rightToLeft="false" embedRequiredClientLibraries="true" ieCompatibilityVersion="edge" />
<errors callbackErrorRedirectUrl=""/>
</devExpress>
</configuration>
答案 0 :(得分:1)
我意识到错误是在GetFakeIframeDocument方法中引发的,我通过web.config搜索了一些可能与iframe相关的内容。在httpProtocol&gt; customHeaders有元素:
<add name="X-Frame-Options" value="DENY" />
这会阻止任何iframe显示网站内容。将value更改为SAMEORIGIN可让网站使用iframe显示网站内容,但不允许任何外部iframe显示网站内容。当我将上面的web.config元素更改为:
<add name="X-Frame-Options" value="SAMEORIGIN" />