469,592 Members | 2,032 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,592 developers. It's quick & easy.

Invalid_Viewstate exception with Invalid character in a Base-64 st

I have read many things about this but I haven't got a clear vision on what
to do if anything about this.

I have a system that tries to find holes in my web site. One of the things
it has found and has been sent to me is

an Invalid_Viewstate exception. I will provide the stack trace below. If
you read down the stack trace it talks about "Invalid chararcter in a base-64
string" error. After reading much about this have not found any resolution.
I did read where one person said that people hit sites that require
information and they sending bad or spam in hopes the site will forward the
information on to an email and my site is capturing that because they also
are changing the hidden field _VIEWSTATE which in turn causes this exception.
I also read that the data that is being entered is not passing validation
and there is a need to trap for it.

so I still don't know what is exactly causing this error and should I worry
about it.

Here is the stack trace

The error description is as follows :

System.Web.HttpUnhandledException: Exception of type
System.Web.HttpUnhandledException was thrown. ---System.Web.HttpException:
Invalid_Viewstate

Client IP: 64.14.3.222

Port: 40520

User-Agent: Mozilla/5.0 (compatible; MSIE 7.0; MSIE 6.0; ScanAlert;
+http://www.scanalert.com/bot.jsp) Firefox/2.0.0.3

ViewState: ("blah blah blah" a bunch of encrypted data or something that I
am just going to leave out)

Http-Referer:

Path: /folder/myGatherInformationPage.aspx. ---System.FormatException:
Invalid character in a Base-64 string.

at System.Convert.FromBase64String(String s)

at System.Web.UI.LosFormatter.Deserialize(String input)

at System.Web.UI.Page.LoadPageStateFromPersistenceMed ium()

--- End of inner exception stack trace ---

at System.Web.UI.Page.LoadPageStateFromPersistenceMed ium()

at System.Web.UI.Page.LoadPageViewState()

at System.Web.UI.Page.ProcessRequestMain()

--- End of inner exception stack trace ---

at System.Web.UI.Page.HandleError(Exception e)

at System.Web.UI.Page.ProcessRequestMain()

at System.Web.UI.Page.ProcessRequest()

at System.Web.UI.Page.ProcessRequest(HttpContext context)

at
System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication+IExecutionStep.Execute()

at System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously)

Any help would greatly be appreciated.

PaulP

MCP
Nov 2 '07 #1
1 2179
Unless you get that same error when human submits the page, I would
ignore it. ScanAlert is sending a bot to the page trying to break it (as
you said) and .NET is making sure that it can't.

-----Original Message-----
From: Paul Phillips [mailto:Pa**********@discussions.microsoft.com]
Posted At: Friday, November 02, 2007 9:37 AM
Posted To: microsoft.public.dotnet.framework.aspnet
Conversation: Invalid_Viewstate exception with Invalid character in a
Base-64 st
Subject: Invalid_Viewstate exception with Invalid character in a Base-64
st

I have read many things about this but I haven't got a clear vision on
what
to do if anything about this.

I have a system that tries to find holes in my web site. One of the
things
it has found and has been sent to me is

an Invalid_Viewstate exception. I will provide the stack trace below. If
you read down the stack trace it talks about "Invalid chararcter in a
base-64
string" error. After reading much about this have not found any
resolution.
I did read where one person said that people hit sites that require
information and they sending bad or spam in hopes the site will forward
the
information on to an email and my site is capturing that because they also
are changing the hidden field _VIEWSTATE which in turn causes this
exception.
I also read that the data that is being entered is not passing validation
and there is a need to trap for it.

so I still don't know what is exactly causing this error and should I
worry
about it.

Here is the stack trace

The error description is as follows :

System.Web.HttpUnhandledException: Exception of type
System.Web.HttpUnhandledException was thrown. --->
System.Web.HttpException:
Invalid_Viewstate

Client IP: 64.14.3.222

Port: 40520

User-Agent: Mozilla/5.0 (compatible; MSIE 7.0; MSIE 6.0; ScanAlert;
+http://www.scanalert.com/bot.jsp) Firefox/2.0.0.3

ViewState: ("blah blah blah" a bunch of encrypted data or something that I
am just going to leave out)

Http-Referer:

Path: /folder/myGatherInformationPage.aspx. ---System.FormatException:
Invalid character in a Base-64 string.

at System.Convert.FromBase64String(String s)

at System.Web.UI.LosFormatter.Deserialize(String input)

at System.Web.UI.Page.LoadPageStateFromPersistenceMed ium()

--- End of inner exception stack trace ---

at System.Web.UI.Page.LoadPageStateFromPersistenceMed ium()

at System.Web.UI.Page.LoadPageViewState()

at System.Web.UI.Page.ProcessRequestMain()

--- End of inner exception stack trace ---

at System.Web.UI.Page.HandleError(Exception e)

at System.Web.UI.Page.ProcessRequestMain()

at System.Web.UI.Page.ProcessRequest()

at System.Web.UI.Page.ProcessRequest(HttpContext context)

at
System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication+IExecutionStep.Execute()

at System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean&
completedSynchronously)

Any help would greatly be appreciated.

PaulP

MCP
Nov 2 '07 #2

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

28 posts views Thread by Frank Puck | last post: by
13 posts views Thread by Markus Elfring | last post: by
5 posts views Thread by Nick Flandry | last post: by
29 posts views Thread by Chris Sutton | last post: by
1 post views Thread by dima | last post: by
2 posts views Thread by InnoCreate | last post: by
reply views Thread by suresh191 | last post: by
4 posts views Thread by guiromero | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.