469,317 Members | 2,024 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,317 developers. It's quick & easy.

access is denied error in a FileUpload control

Hi to all,

I have an error that drove me crazy. Try the following page that should only
allow to upload a file:

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server" enctype="multipart/form-data">
<div>
<asp:FileUpload ID="FileUpload1" runat="server" />
<asp:Button ID="Button1" runat="server" Text="Submit"
UseSubmitBehavior="false" />
</div>
</form>
</body>
</html>

The code behind is empty.

Well. It works if you select a file from the Browse button, and it works if
you enter a file name like "C:\text.txt", also if the file doesn't exist,
but it doesn't work if you enter a file name like "pippo.txt".

The javascript error you get is "Access is denied" at the end of the
__doPostBack() function, near the call to "theForm.submit();"

This behaviour has been verified in Intenet explorer 6.0 and 7.0, while it
doesn't occur in Firefox nor in Pocket Internet Explorer. Opera is not
showing any error but doesn't submit the page since the file doesn't exist.

I know that the problem is caused by the UseSubmitBehavior="false"
attribute, because if you remove it, no problems occur.
The fact is that in my code I cannot remove the UseSubmitBehaviour attribute
because I deactivate the buttons when submitting.

Any suggestion?

I'm thinking to verify the text entered in the text area with a regular
expression or something similar. Do you think this would solve the problem
in the proper way?

Regards,
Paolo.

Sep 18 '06 #1
2 7806
hi paolo,
if you type in pippo.txt, how could you expect the browser to know where on
your computer that is? you would be basically providing a relative path
from nowhere.

i would guess that you'd be looking at a microscopic proportion of strange
users who would try typing in a relative path into a file upload box.

you could add an onkeyup to the fileupload control, and check the input with
a function like this:
<script>
function check(source)
{
if(!..put your regex here...)
alert("don't be a tool, give me a proper file!");
}
</script>

i can see how it could be annoying to a developer, although you can
understand why IE does this and it is probably by design that it tells the
user it cannot access a certain file that they themselves provided. masking
the error like firefox or Opera isn't exactly desirable either.

tim
"Paolo" <paolo_benetti@-NOSPAM-hotmail.comwrote in message
news:Og****************@TK2MSFTNGP04.phx.gbl...
Hi to all,

I have an error that drove me crazy. Try the following page that should
only allow to upload a file:

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server" enctype="multipart/form-data">
<div>
<asp:FileUpload ID="FileUpload1" runat="server" />
<asp:Button ID="Button1" runat="server" Text="Submit"
UseSubmitBehavior="false" />
</div>
</form>
</body>
</html>

The code behind is empty.

Well. It works if you select a file from the Browse button, and it works
if you enter a file name like "C:\text.txt", also if the file doesn't
exist, but it doesn't work if you enter a file name like "pippo.txt".

The javascript error you get is "Access is denied" at the end of the
__doPostBack() function, near the call to "theForm.submit();"

This behaviour has been verified in Intenet explorer 6.0 and 7.0, while it
doesn't occur in Firefox nor in Pocket Internet Explorer. Opera is not
showing any error but doesn't submit the page since the file doesn't
exist.

I know that the problem is caused by the UseSubmitBehavior="false"
attribute, because if you remove it, no problems occur.
The fact is that in my code I cannot remove the UseSubmitBehaviour
attribute because I deactivate the buttons when submitting.

Any suggestion?

I'm thinking to verify the text entered in the text area with a regular
expression or something similar. Do you think this would solve the problem
in the proper way?

Regards,
Paolo.

Sep 18 '06 #2
Hi Tim,
>i would guess that you'd be looking at a microscopic proportion of strange
users who would try typing in a relative path into a file upload box.
This is exactly the case, and in particular I was thinking at that
nanoscopic portion of strange users who will test my application typing in
the text fields a lot of "asdlgij09324mf" random texts to check if something
will crash.....
My further problem is that I have implemented an automatic upload control
that upload the file in the onchange event of the FileUpload control, so I
have to check if the field contains valid text in the onchange event, not in
the onkeyup.
Do you have a suggestion on the regex to adopt? It seems that I have to
check if a "drive" is specified at the beginning of the string, either in
the '\\' form or in the "X:\" form, but also the '\' form must be accepted,
since I will be using pda too to upload files, and the paths in pda use this
last form.

Regarding the design issue. I do not agree with your consideration. The
problem is that you have two different behaviours between the file that
doesn't exist (posted file of 0 bytes) and file written in a wrong format
(javascript error). In addiction, the response to the same entered text is
different if you set the button to have submit behaviour or not, so things
are really confusing.
This would be acceptable if I had a way to manage the error without breaking
the page, but unfortunately it seems I have no way to do so.

However, thank you for supporting.
Paolo.


"Tim_Mac" <ti********@community.nospamwrote in message
news:un**************@TK2MSFTNGP06.phx.gbl...
hi paolo,
if you type in pippo.txt, how could you expect the browser to know where
on your computer that is? you would be basically providing a relative
path from nowhere.

i would guess that you'd be looking at a microscopic proportion of strange
users who would try typing in a relative path into a file upload box.

you could add an onkeyup to the fileupload control, and check the input
with a function like this:
<script>
function check(source)
{
if(!..put your regex here...)
alert("don't be a tool, give me a proper file!");
}
</script>

i can see how it could be annoying to a developer, although you can
understand why IE does this and it is probably by design that it tells the
user it cannot access a certain file that they themselves provided.
masking the error like firefox or Opera isn't exactly desirable either.

tim
"Paolo" <paolo_benetti@-NOSPAM-hotmail.comwrote in message
news:Og****************@TK2MSFTNGP04.phx.gbl...
>Hi to all,

I have an error that drove me crazy. Try the following page that should
only allow to upload a file:

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server" enctype="multipart/form-data">
<div>
<asp:FileUpload ID="FileUpload1" runat="server" />
<asp:Button ID="Button1" runat="server" Text="Submit"
UseSubmitBehavior="false" />
</div>
</form>
</body>
</html>

The code behind is empty.

Well. It works if you select a file from the Browse button, and it works
if you enter a file name like "C:\text.txt", also if the file doesn't
exist, but it doesn't work if you enter a file name like "pippo.txt".

The javascript error you get is "Access is denied" at the end of the
__doPostBack() function, near the call to "theForm.submit();"

This behaviour has been verified in Intenet explorer 6.0 and 7.0, while
it doesn't occur in Firefox nor in Pocket Internet Explorer. Opera is not
showing any error but doesn't submit the page since the file doesn't
exist.

I know that the problem is caused by the UseSubmitBehavior="false"
attribute, because if you remove it, no problems occur.
The fact is that in my code I cannot remove the UseSubmitBehaviour
attribute because I deactivate the buttons when submitting.

Any suggestion?

I'm thinking to verify the text entered in the text area with a regular
expression or something similar. Do you think this would solve the
problem in the proper way?

Regards,
Paolo.


Sep 19 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

1 post views Thread by Marcos | last post: by
1 post views Thread by Ravi | last post: by
reply views Thread by Gururaj Badam | last post: by
1 post views Thread by igotyourdotnet | last post: by
1 post views Thread by CARIGAR | last post: by
reply views Thread by suresh191 | last post: by
reply views Thread by harlem98 | last post: by
reply views Thread by harlem98 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.