By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,320 Members | 1,893 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,320 IT Pros & Developers. It's quick & easy.

Request.Form error - idHidxml="<recordset><record>

P: n/a
Tom
Hi

I have an aspx page which has javascript to configure xmldata. I added breakpoint to the button method. When I click submit button, it did not go to those breakpoint and show the following error

System.Web.HttpRequestValidationException (0x80004005)
Detect the potential danger of Request.Form value from client side (idHidxml="<recordset><record><...")

System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName
System.Web.HttpRequest.ValidateNameValueCollection (NameValueCollection nvc, String collectionName
System.Web.HttpRequest.get_Form() +11
System.Web.UI.Page.GetCollectionBasedOnMethod(
System.Web.UI.Page.DeterminePostBackMode(
System.Web.UI.Page.ProcessRequestMain(
System.Web.UI.Page.ProcessRequest(
System.Web.UI.Page.ProcessRequest(HttpContext context
System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication+IExecutionStep.Execute(
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean& completedSynchronously) +8

What does that error mean and how can I trace it

Thank

To
Nov 15 '05 #1
Share this Question
Share on Google+
8 Replies


P: n/a
Turn requestValidation off at the page (page directive) or web.config
file -- beware of potential danger in doing so ... docs describe this in
detail

Alex

"Tom" <ke*****@yahoo.com> wrote in message
news:FB**********************************@microsof t.com...
Hi,

I have an aspx page which has javascript to configure xmldata. I added breakpoint to the button method. When I click submit button, it did not go
to those breakpoint and show the following error:
System.Web.HttpRequestValidationException (0x80004005):
Detect the potential danger of Request.Form value from client side (idHidxml="<recordset><record><...").
System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName) System.Web.HttpRequest.ValidateNameValueCollection (NameValueCollection nvc, String collectionName) System.Web.HttpRequest.get_Form() +113
System.Web.UI.Page.GetCollectionBasedOnMethod()
System.Web.UI.Page.DeterminePostBackMode()
System.Web.UI.Page.ProcessRequestMain()
System.Web.UI.Page.ProcessRequest()
System.Web.UI.Page.ProcessRequest(HttpContext context)
System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication+IExecutionSte
p.Execute() System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean& completedSynchronously) +87
What does that error mean and how can I trace it?

Thanks

Tom

Nov 15 '05 #2

P: n/a
Tom
Hi Alex

I tried to search over the whole solution (all projects) and cannot find the requestValidation, Request.Form, HttpRequestValidationException or idHidxml="<recordset><record>.

May I ask how can I turn requestValidation off at the page (page directive) or web.config file?

Thanks for hel

To

Turn requestValidation off at the page (page directive) or web.confi
file -- beware of potential danger in doing so ... docs describe this i
detai

Ale

"Tom" <ke*****@yahoo.com> wrote in messag
news:FB**********************************@microsof t.com..
Hi
I have an aspx page which has javascript to configure xmldata. I adde breakpoint to the button method. When I click submit button, it did not g
to those breakpoint and show the following error System.Web.HttpRequestValidationException (0x80004005) Detect the potential danger of Request.Form value from client sid

(idHidxml="<recordset><record><...")
System.Web.HttpRequest.ValidateString(String s, String valueName String collectionName System.Web.HttpRequest.ValidateNameValueCollection (NameValueCollectio nvc, String collectionName System.Web.HttpRequest.get_Form() +11
System.Web.UI.Page.GetCollectionBasedOnMethod(
System.Web.UI.Page.DeterminePostBackMode(
System.Web.UI.Page.ProcessRequestMain(
System.Web.UI.Page.ProcessRequest(
System.Web.UI.Page.ProcessRequest(HttpContext context
System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication+IExecutionSt
p.Execute( System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean

completedSynchronously) +8 What does that error mean and how can I trace it
Thank
To

Nov 15 '05 #3

P: n/a
Tom,

I was typing quickly from memory when I responded so I might have confused
you a little :)

The page directive you are looking for is called 'validateRequest'. If you
are using VS, go to your html view of the .aspx page and look at the default
@page directive. Should be something like <%@ Page etc,etc....%>

Set an attribute anywhere in this string that looks like the following:
validateRequest="false".

Your new page directive should look something like this (with your values of
course):

<%@ Page validateRequest="false" language="c#"
Codebehind="<your_page>.aspx.cs" AutoEventWireup="false"
Inherits="<your_namespace.your_codeBehindClass" %>

This will disable client request validation at the 'page' level. Note that
by doing so, malicious postings to your page are no longer going to be
automatically rejected by asp.net so you should take the responsibility of
making sure that the caller's request does not contain unexpected or
malicious content.

HTH,
Alex

"Tom" <ke*****@yahoo.com> wrote in message
news:CD**********************************@microsof t.com...
Hi Alex,

I tried to search over the whole solution (all projects) and cannot find the requestValidation, Request.Form, HttpRequestValidationException or
idHidxml="<recordset><record>.
May I ask how can I turn requestValidation off at the page (page directive) or web.config file?
Thanks for help

Tom

Turn requestValidation off at the page (page directive) or web.config
file -- beware of potential danger in doing so ... docs describe this in detail

Alex

"Tom" <ke*****@yahoo.com> wrote in message
news:FB**********************************@microsof t.com...
> Hi,
>> I have an aspx page which has javascript to configure xmldata. I
added
breakpoint to the button method. When I click submit button, it did not go to those breakpoint and show the following error: >> System.Web.HttpRequestValidationException (0x80004005): > Detect the potential danger of Request.Form value from client side

(idHidxml="<recordset><record><...").
>> System.Web.HttpRequest.ValidateString(String s, String
valueName, String collectionName)
>
System.Web.HttpRequest.ValidateNameValueCollection (NameValueCollection nvc, String collectionName)
> System.Web.HttpRequest.get_Form() +113
> System.Web.UI.Page.GetCollectionBasedOnMethod()
> System.Web.UI.Page.DeterminePostBackMode()
> System.Web.UI.Page.ProcessRequestMain()
> System.Web.UI.Page.ProcessRequest()
> System.Web.UI.Page.ProcessRequest(HttpContext context)
>

System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication+IExecutionSte p.Execute()
> System.Web.HttpApplication.ExecuteStep(IExecutionS tep step,
Boolean& completedSynchronously) +87 >> What does that error mean and how can I trace it?
>> Thanks
>> Tom
>>

Nov 15 '05 #4

P: n/a
Tom
Hi Alex

I tried to add the validateRequest="false" to the page directive and the error did not show now. However, the method does not work.

So, I want to know how to trace that error? There are some javascript in the aspx page and the cs file uses object of other cs files.

I cannot trace the error incurred from Request.Form, HttpRequestValidationException o
idHidxml="<recordset><record>

Is the error in aspx or the corresponding cs file? There is no way to check the aspx file. But, the error incurs when I click that submit button and it did not pass to the button method in cs file. How can I debug it now?

I do really want to find out that bug as this error happens in many aspx pages.

Is there any method to debug the aspx? Can VS.net 2003 do it

Thanks for your kind help

Best regards

To
Nov 15 '05 #5

P: n/a
Well .. you have a couple of options in this case.

The easiest way IMO to track down an unhandled exception would be to start
the app in debug mode and to step thru the page/method/etc.. where you
believe the error is occurring. If you don't know, you can always start the
app by stepping into its first method. Depending on your chosen VS.NET
configuration, your function may be different then mine, but F11 is the one
I have mapped. This will allow you to examine each method as it executes.
Then you can advance the line-by-line execution with whatever your
'step-next' key is (mine is F9).

Another option you have is to enable tracing in the web.config file. Open
web.config and find the 'trace' element. Change the 'enabled' element's
value to "true". When the error occurs in your app, go to the url bar and
replace the <page_name>.aspx portion of the url with trace.axd. This is a
log of the requests made to the app by asp.net. Choose details of your last
request in the list and you should see some debugging info including the
error msg and the stacktrace of the error.

You can also add a TRACE switch to your app. This will log all trace info
to a file for review.

Based on the fact that the 'potentially dangerous Request.Form field ....'
error went away, my guess would be that the error you are seeing now is new
and unrelated to the original post.

If you can isolate the error to a specific page/call, why not post the code
or at least a stacktrace/ToString() of the exception.

Alex

"Tom" <ke*****@yahoo.com> wrote in message
news:66**********************************@microsof t.com...
Hi Alex,

I tried to add the validateRequest="false" to the page directive and the error did not show now. However, the method does not work.
So, I want to know how to trace that error? There are some javascript in the aspx page and the cs file uses object of other cs files.
I cannot trace the error incurred from Request.Form, HttpRequestValidationException or idHidxml="<recordset><record>.

Is the error in aspx or the corresponding cs file? There is no way to check the aspx file. But, the error incurs when I click that submit button
and it did not pass to the button method in cs file. How can I debug it now?
I do really want to find out that bug as this error happens in many aspx pages.
Is there any method to debug the aspx? Can VS.net 2003 do it?

Thanks for your kind help.

Best regards,

Tom

Nov 15 '05 #6

P: n/a
Tom
Hi Alex

I put the breakpoint on page_load method and run the relevant methods in the program line by line by pressing F11. It is ok until the aspx page is loaded. Then, I fill in that webform and press button. The btnSubmit_Click method did not execute and the error page displayed.

Then, I use your 2nd method, replace the <page_name>.aspx portion of the url with trace.axd. It showed a list of aspx pages and I selected the last detail page

It shows the same error as the error pag

Potential danger of Request.Form (idHidxml="<recordset><record><...") has detected
at System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName
at System.Web.HttpRequest.ValidateNameValueCollection (NameValueCollection nvc, String collectionName
at System.Web.HttpRequest.get_Form(
at System.Web.UI.Page.GetCollectionBasedOnMethod(
at System.Web.UI.Page.DeterminePostBackMode(
at System.Web.UI.Page.ProcessRequestMain(

More info that I can see is

__EVENTTARGET
__EVENTARGUMENT
__VIEWSTATE dDwtMTQ5MjY0MjM3NTt0PHA8bDxHcm91cElEO0RlZmF1bHRBY3 Rpb25TY29wZTtHcm91cE5hbWU7PjtsPGk8MzM+O2k8LTE+O+WJ r+aAu+e7j+eQhjs+PjtsPGk8MT47PjtsPHQ8O2w8aTw0PjtpPD U+O2k8Nz47aTw5Pjs+O2w8dDxAPOWJr+aAu+e7j+eQhjs+Ozs+ O3Q8dDxwPHA8bDxEYXRhVGV4dEZpZWxkO0RhdGFWYWx1ZUZpZW xkOz47bDxNb2R1bGVOYW1lO01vZHVsZUlEOz4+Oz47dDxpPDg+ O0A857O757uf566h55CGO+S6uuS6i+euoeeQhjvooYzmlL/nrqHnkIY75pel5bi45Yqe5YWsO+eJqea1geeuoeeQhjvotKLli qHnrqHnkIY75YWs5YWx5L+h5oGvO+WuouaIt+WFs+ezu+euoee Qhjs+O0A8MDAwOzAwMTswMDI7MDAzOzAwNDswMDU7MDA2OzAwN zs+PjtsPGk8MD47Pj47Oz47dDx0PHA8cDxsPERhdGFUZXh0Rml lbGQ7RGF0YVZhbHVlRmllbGQ7PjtsPEZ1bGxOYW1lO0RlcHRJR Ds+Pjs+O3Q8aTw5PjtAPOmJhemztDvnuL3pg6g76LSi5Yqh6YO oO+S/oeaBr+mDqDvlub/lt57liIblhazlj7g75bm/5bee5YiG5YWs5Y+46LSi5Yqh6YOoO+a3seWcs+WIhuWFrOWPuD vpg5Hlt57liIblhazlj7g7VGVzdGluZyBkZXB0Oz47QDwtMTsw OzEwOzk7MTI7MTM7MTQ7MTY7MTc7Pj47Pjs7Pjt0PHA8bDxzcm M7PjtsPFVzZXJHcm91cEZ1bmN0aW9uUmlnaHRTZWxlY3QuYXNw eD9tb2R1bGVJRD0wMDAmZ3JvdXBJRD0zMzs+Pjs7Pjs+Pjs+Pj s+6AoVoQ6AgVWkVk99WR/De3U8Qwo=
idHidxml <recordset><record><rightid>000.001.R01</rightid><deptid>-1</deptid></record><record><rightid>000.001.R02</rightid><deptid>-1</deptid></record><record><rightid>000.001.R03</rightid><deptid>-1</deptid></record><record><rightid>000.001.R04</rightid><deptid>-1</deptid></record></recordset>
listModule 000
listDefDept -1
btnSubmit Submi

And, there are many server variables.

However, I cannot isolate the error to a specific page/call based on those info

Any suggestion?

Best regards

Tom
Nov 15 '05 #7

P: n/a
Tom,

At this point, it might be hard to progress any further without looking at
the actual project but I do have some other questions.

At what point is the xml data being generated? OnPageLoad of the very first
page in the app? Are you then storing this generated data in a html 'input'
field with hidden=true? Is there a particular reason why the xml would have
to be stored in the input field (if this is the case)?

I would suggest posting the code for this page and let us review it. If you
don't feel comfortable with this, you can send it to my hotmail acct at :
a**********@hotmail.com. Remove the asterisks and you'll have my address.

Alex

"Tom" <ke*****@yahoo.com> wrote in message
news:E0**********************************@microsof t.com...
Hi Alex,

I put the breakpoint on page_load method and run the relevant methods in the program line by line by pressing F11. It is ok until the aspx page is
loaded. Then, I fill in that webform and press button. The btnSubmit_Click
method did not execute and the error page displayed.
Then, I use your 2nd method, replace the <page_name>.aspx portion of the url with trace.axd. It showed a list of aspx pages and I selected the last
detail page.

Nov 15 '05 #8

P: n/a
Tom
Hi Alex

Thank you for your kind help. Although the bug has not been fixed, my classmate can run it. I will check my error and post it here when I fix it

I will send the code to you if I cannot fix it finally.

Best regard

Tom
Nov 15 '05 #9

This discussion thread is closed

Replies have been disabled for this discussion.