I have read many things about this but I haven't got a clear vision on what
to do if anything about this.
I have a system that tries to find holes in my web site. One of the things
it has found and has been sent to me is
an Invalid_Viewsta te exception. I will provide the stack trace below. If
you read down the stack trace it talks about "Invalid chararcter in a base-64
string" error. After reading much about this have not found any resolution.
I did read where one person said that people hit sites that require
information and they sending bad or spam in hopes the site will forward the
information on to an email and my site is capturing that because they also
are changing the hidden field _VIEWSTATE which in turn causes this exception.
I also read that the data that is being entered is not passing validation
and there is a need to trap for it.
so I still don't know what is exactly causing this error and should I worry
about it.
Here is the stack trace
The error description is as follows :
System.Web.Http UnhandledExcept ion: Exception of type
System.Web.Http UnhandledExcept ion was thrown. ---System.Web.Http Exception:
Invalid_Viewsta te
Client IP: 64.14.3.222
Port: 40520
User-Agent: Mozilla/5.0 (compatible; MSIE 7.0; MSIE 6.0; ScanAlert;
+http://www.scanalert.com/bot.jsp) Firefox/2.0.0.3
ViewState: ("blah blah blah" a bunch of encrypted data or something that I
am just going to leave out)
Http-Referer:
Path: /folder/myGatherInforma tionPage.aspx. ---System.FormatEx ception:
Invalid character in a Base-64 string.
at System.Convert. FromBase64Strin g(String s)
at System.Web.UI.L osFormatter.Des erialize(String input)
at System.Web.UI.P age.LoadPageSta teFromPersisten ceMedium()
--- End of inner exception stack trace ---
at System.Web.UI.P age.LoadPageSta teFromPersisten ceMedium()
at System.Web.UI.P age.LoadPageVie wState()
at System.Web.UI.P age.ProcessRequ estMain()
--- End of inner exception stack trace ---
at System.Web.UI.P age.HandleError (Exception e)
at System.Web.UI.P age.ProcessRequ estMain()
at System.Web.UI.P age.ProcessRequ est()
at System.Web.UI.P age.ProcessRequ est(HttpContext context)
at
System.Web.Call HandlerExecutio nStep.System.We b.HttpApplicati on+IExecutionSt ep.Execute()
at System.Web.Http Application.Exe cuteStep(IExecu tionStep step, Boolean&
completedSynchr onously)
Any help would greatly be appreciated.
PaulP
MCP