473,490 Members | 2,486 Online
Bytes | Software Development & Data Engineering Community
Create Post

Home Posts Topics Members FAQ

Request.Form error - idHidxml="<recordset><record>

Tom
Hi

I have an aspx page which has javascript to configure xmldata. I added breakpoint to the button method. When I click submit button, it did not go to those breakpoint and show the following error

System.Web.HttpRequestValidationException (0x80004005)
Detect the potential danger of Request.Form value from client side (idHidxml="<recordset><record><...")

System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName
System.Web.HttpRequest.ValidateNameValueCollection (NameValueCollection nvc, String collectionName
System.Web.HttpRequest.get_Form() +11
System.Web.UI.Page.GetCollectionBasedOnMethod(
System.Web.UI.Page.DeterminePostBackMode(
System.Web.UI.Page.ProcessRequestMain(
System.Web.UI.Page.ProcessRequest(
System.Web.UI.Page.ProcessRequest(HttpContext context
System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication+IExecutionStep.Execute(
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean& completedSynchronously) +8

What does that error mean and how can I trace it

Thank

To
Nov 15 '05 #1
8 2391
Turn requestValidation off at the page (page directive) or web.config
file -- beware of potential danger in doing so ... docs describe this in
detail

Alex

"Tom" <ke*****@yahoo.com> wrote in message
news:FB**********************************@microsof t.com...
Hi,

I have an aspx page which has javascript to configure xmldata. I added breakpoint to the button method. When I click submit button, it did not go
to those breakpoint and show the following error:
System.Web.HttpRequestValidationException (0x80004005):
Detect the potential danger of Request.Form value from client side (idHidxml="<recordset><record><...").
System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName) System.Web.HttpRequest.ValidateNameValueCollection (NameValueCollection nvc, String collectionName) System.Web.HttpRequest.get_Form() +113
System.Web.UI.Page.GetCollectionBasedOnMethod()
System.Web.UI.Page.DeterminePostBackMode()
System.Web.UI.Page.ProcessRequestMain()
System.Web.UI.Page.ProcessRequest()
System.Web.UI.Page.ProcessRequest(HttpContext context)
System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication+IExecutionSte
p.Execute() System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean& completedSynchronously) +87
What does that error mean and how can I trace it?

Thanks

Tom

Nov 15 '05 #2
Tom
Hi Alex

I tried to search over the whole solution (all projects) and cannot find the requestValidation, Request.Form, HttpRequestValidationException or idHidxml="<recordset><record>.

May I ask how can I turn requestValidation off at the page (page directive) or web.config file?

Thanks for hel

To

Turn requestValidation off at the page (page directive) or web.confi
file -- beware of potential danger in doing so ... docs describe this i
detai

Ale

"Tom" <ke*****@yahoo.com> wrote in messag
news:FB**********************************@microsof t.com..
Hi
I have an aspx page which has javascript to configure xmldata. I adde breakpoint to the button method. When I click submit button, it did not g
to those breakpoint and show the following error System.Web.HttpRequestValidationException (0x80004005) Detect the potential danger of Request.Form value from client sid

(idHidxml="<recordset><record><...")
System.Web.HttpRequest.ValidateString(String s, String valueName String collectionName System.Web.HttpRequest.ValidateNameValueCollection (NameValueCollectio nvc, String collectionName System.Web.HttpRequest.get_Form() +11
System.Web.UI.Page.GetCollectionBasedOnMethod(
System.Web.UI.Page.DeterminePostBackMode(
System.Web.UI.Page.ProcessRequestMain(
System.Web.UI.Page.ProcessRequest(
System.Web.UI.Page.ProcessRequest(HttpContext context
System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication+IExecutionSt
p.Execute( System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean

completedSynchronously) +8 What does that error mean and how can I trace it
Thank
To

Nov 15 '05 #3
Tom,

I was typing quickly from memory when I responded so I might have confused
you a little :)

The page directive you are looking for is called 'validateRequest'. If you
are using VS, go to your html view of the .aspx page and look at the default
@page directive. Should be something like <%@ Page etc,etc....%>

Set an attribute anywhere in this string that looks like the following:
validateRequest="false".

Your new page directive should look something like this (with your values of
course):

<%@ Page validateRequest="false" language="c#"
Codebehind="<your_page>.aspx.cs" AutoEventWireup="false"
Inherits="<your_namespace.your_codeBehindClass" %>

This will disable client request validation at the 'page' level. Note that
by doing so, malicious postings to your page are no longer going to be
automatically rejected by asp.net so you should take the responsibility of
making sure that the caller's request does not contain unexpected or
malicious content.

HTH,
Alex

"Tom" <ke*****@yahoo.com> wrote in message
news:CD**********************************@microsof t.com...
Hi Alex,

I tried to search over the whole solution (all projects) and cannot find the requestValidation, Request.Form, HttpRequestValidationException or
idHidxml="<recordset><record>.
May I ask how can I turn requestValidation off at the page (page directive) or web.config file?
Thanks for help

Tom

Turn requestValidation off at the page (page directive) or web.config
file -- beware of potential danger in doing so ... docs describe this in detail

Alex

"Tom" <ke*****@yahoo.com> wrote in message
news:FB**********************************@microsof t.com...
> Hi,
>> I have an aspx page which has javascript to configure xmldata. I
added
breakpoint to the button method. When I click submit button, it did not go to those breakpoint and show the following error: >> System.Web.HttpRequestValidationException (0x80004005): > Detect the potential danger of Request.Form value from client side

(idHidxml="<recordset><record><...").
>> System.Web.HttpRequest.ValidateString(String s, String
valueName, String collectionName)
>
System.Web.HttpRequest.ValidateNameValueCollection (NameValueCollection nvc, String collectionName)
> System.Web.HttpRequest.get_Form() +113
> System.Web.UI.Page.GetCollectionBasedOnMethod()
> System.Web.UI.Page.DeterminePostBackMode()
> System.Web.UI.Page.ProcessRequestMain()
> System.Web.UI.Page.ProcessRequest()
> System.Web.UI.Page.ProcessRequest(HttpContext context)
>

System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication+IExecutionSte p.Execute()
> System.Web.HttpApplication.ExecuteStep(IExecutionS tep step,
Boolean& completedSynchronously) +87 >> What does that error mean and how can I trace it?
>> Thanks
>> Tom
>>

Nov 15 '05 #4
Tom
Hi Alex

I tried to add the validateRequest="false" to the page directive and the error did not show now. However, the method does not work.

So, I want to know how to trace that error? There are some javascript in the aspx page and the cs file uses object of other cs files.

I cannot trace the error incurred from Request.Form, HttpRequestValidationException o
idHidxml="<recordset><record>

Is the error in aspx or the corresponding cs file? There is no way to check the aspx file. But, the error incurs when I click that submit button and it did not pass to the button method in cs file. How can I debug it now?

I do really want to find out that bug as this error happens in many aspx pages.

Is there any method to debug the aspx? Can VS.net 2003 do it

Thanks for your kind help

Best regards

To
Nov 15 '05 #5
Well .. you have a couple of options in this case.

The easiest way IMO to track down an unhandled exception would be to start
the app in debug mode and to step thru the page/method/etc.. where you
believe the error is occurring. If you don't know, you can always start the
app by stepping into its first method. Depending on your chosen VS.NET
configuration, your function may be different then mine, but F11 is the one
I have mapped. This will allow you to examine each method as it executes.
Then you can advance the line-by-line execution with whatever your
'step-next' key is (mine is F9).

Another option you have is to enable tracing in the web.config file. Open
web.config and find the 'trace' element. Change the 'enabled' element's
value to "true". When the error occurs in your app, go to the url bar and
replace the <page_name>.aspx portion of the url with trace.axd. This is a
log of the requests made to the app by asp.net. Choose details of your last
request in the list and you should see some debugging info including the
error msg and the stacktrace of the error.

You can also add a TRACE switch to your app. This will log all trace info
to a file for review.

Based on the fact that the 'potentially dangerous Request.Form field ....'
error went away, my guess would be that the error you are seeing now is new
and unrelated to the original post.

If you can isolate the error to a specific page/call, why not post the code
or at least a stacktrace/ToString() of the exception.

Alex

"Tom" <ke*****@yahoo.com> wrote in message
news:66**********************************@microsof t.com...
Hi Alex,

I tried to add the validateRequest="false" to the page directive and the error did not show now. However, the method does not work.
So, I want to know how to trace that error? There are some javascript in the aspx page and the cs file uses object of other cs files.
I cannot trace the error incurred from Request.Form, HttpRequestValidationException or idHidxml="<recordset><record>.

Is the error in aspx or the corresponding cs file? There is no way to check the aspx file. But, the error incurs when I click that submit button
and it did not pass to the button method in cs file. How can I debug it now?
I do really want to find out that bug as this error happens in many aspx pages.
Is there any method to debug the aspx? Can VS.net 2003 do it?

Thanks for your kind help.

Best regards,

Tom

Nov 15 '05 #6
Tom
Hi Alex

I put the breakpoint on page_load method and run the relevant methods in the program line by line by pressing F11. It is ok until the aspx page is loaded. Then, I fill in that webform and press button. The btnSubmit_Click method did not execute and the error page displayed.

Then, I use your 2nd method, replace the <page_name>.aspx portion of the url with trace.axd. It showed a list of aspx pages and I selected the last detail page

It shows the same error as the error pag

Potential danger of Request.Form (idHidxml="<recordset><record><...") has detected
at System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName
at System.Web.HttpRequest.ValidateNameValueCollection (NameValueCollection nvc, String collectionName
at System.Web.HttpRequest.get_Form(
at System.Web.UI.Page.GetCollectionBasedOnMethod(
at System.Web.UI.Page.DeterminePostBackMode(
at System.Web.UI.Page.ProcessRequestMain(

More info that I can see is

__EVENTTARGET
__EVENTARGUMENT
__VIEWSTATE dDwtMTQ5MjY0MjM3NTt0PHA8bDxHcm91cElEO0RlZmF1bHRBY3 Rpb25TY29wZTtHcm91cE5hbWU7PjtsPGk8MzM+O2k8LTE+O+WJ r+aAu+e7j+eQhjs+PjtsPGk8MT47PjtsPHQ8O2w8aTw0PjtpPD U+O2k8Nz47aTw5Pjs+O2w8dDxAPOWJr+aAu+e7j+eQhjs+Ozs+ O3Q8dDxwPHA8bDxEYXRhVGV4dEZpZWxkO0RhdGFWYWx1ZUZpZW xkOz47bDxNb2R1bGVOYW1lO01vZHVsZUlEOz4+Oz47dDxpPDg+ O0A857O757uf566h55CGO+S6uuS6i+euoeeQhjvooYzmlL/nrqHnkIY75pel5bi45Yqe5YWsO+eJqea1geeuoeeQhjvotKLli qHnrqHnkIY75YWs5YWx5L+h5oGvO+WuouaIt+WFs+ezu+euoee Qhjs+O0A8MDAwOzAwMTswMDI7MDAzOzAwNDswMDU7MDA2OzAwN zs+PjtsPGk8MD47Pj47Oz47dDx0PHA8cDxsPERhdGFUZXh0Rml lbGQ7RGF0YVZhbHVlRmllbGQ7PjtsPEZ1bGxOYW1lO0RlcHRJR Ds+Pjs+O3Q8aTw5PjtAPOmJhemztDvnuL3pg6g76LSi5Yqh6YO oO+S/oeaBr+mDqDvlub/lt57liIblhazlj7g75bm/5bee5YiG5YWs5Y+46LSi5Yqh6YOoO+a3seWcs+WIhuWFrOWPuD vpg5Hlt57liIblhazlj7g7VGVzdGluZyBkZXB0Oz47QDwtMTsw OzEwOzk7MTI7MTM7MTQ7MTY7MTc7Pj47Pjs7Pjt0PHA8bDxzcm M7PjtsPFVzZXJHcm91cEZ1bmN0aW9uUmlnaHRTZWxlY3QuYXNw eD9tb2R1bGVJRD0wMDAmZ3JvdXBJRD0zMzs+Pjs7Pjs+Pjs+Pj s+6AoVoQ6AgVWkVk99WR/De3U8Qwo=
idHidxml <recordset><record><rightid>000.001.R01</rightid><deptid>-1</deptid></record><record><rightid>000.001.R02</rightid><deptid>-1</deptid></record><record><rightid>000.001.R03</rightid><deptid>-1</deptid></record><record><rightid>000.001.R04</rightid><deptid>-1</deptid></record></recordset>
listModule 000
listDefDept -1
btnSubmit Submi

And, there are many server variables.

However, I cannot isolate the error to a specific page/call based on those info

Any suggestion?

Best regards

Tom
Nov 15 '05 #7
Tom,

At this point, it might be hard to progress any further without looking at
the actual project but I do have some other questions.

At what point is the xml data being generated? OnPageLoad of the very first
page in the app? Are you then storing this generated data in a html 'input'
field with hidden=true? Is there a particular reason why the xml would have
to be stored in the input field (if this is the case)?

I would suggest posting the code for this page and let us review it. If you
don't feel comfortable with this, you can send it to my hotmail acct at :
a**********@hotmail.com. Remove the asterisks and you'll have my address.

Alex

"Tom" <ke*****@yahoo.com> wrote in message
news:E0**********************************@microsof t.com...
Hi Alex,

I put the breakpoint on page_load method and run the relevant methods in the program line by line by pressing F11. It is ok until the aspx page is
loaded. Then, I fill in that webform and press button. The btnSubmit_Click
method did not execute and the error page displayed.
Then, I use your 2nd method, replace the <page_name>.aspx portion of the url with trace.axd. It showed a list of aspx pages and I selected the last
detail page.

Nov 15 '05 #8
Tom
Hi Alex

Thank you for your kind help. Although the bug has not been fixed, my classmate can run it. I will check my error and post it here when I fix it

I will send the code to you if I cannot fix it finally.

Best regard

Tom
Nov 15 '05 #9
Create Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
5
4931
<%# Container.DataItem( "*" )%> in a datalist
by: .Net Sports | last post by:
I'm having problems trying to get a record out of a resultset when working with a Datalist control. <%# Container.DataItem( "myfield" )%is how I am displaying the field , but when trying to do an...
ASP.NET
0
7112
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
7146
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
7183
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
1
6852
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
1
4878
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA
0
3084
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Networking - Hardware / Configuration
0
1389
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
C# / C Sharp
1
628
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
0
277
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us