Solved

Help with unusual error message (System.Web.HttpException: Invalid_Viewstate)

Posted on 2004-10-20
9
928 Views
Last Modified: 2008-01-09
I was looking through the logs on one of my applications today when I noticed a strange error message that I'm having trouble explaining.  The text of the exception is pasted below.  Does anyone have any idea what this is, or if I should be worried?  The app has been running for a couple of weeks now, but this is the first time I have got this, or any other message.

Thanks in advance.

-------------------------------------------------

System.Web.HttpUnhandledException: Exception of type System.Web.HttpUnhandledException was thrown. ---> System.Web.HttpException: Invalid_Viewstate
      Client IP: *.*.*.*
      Port: 12779
      User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
      ViewState: dDwtMjA0OTU3MjU4Mjt0PDtsPGk8MT47PjtsPHQ8O2w8aTw2PjtpPDg+O2
k8OT47PjtsPHQ8O2w8aTwxPjtpPDM+O2k8NT47aTwyMz47PjtsPHQ8dDw7O2w8aTwwPjs+P
js7Pjt0PHQ8OztsPGk8MD47Pj47Oz47dDx0PDs7bDxpPDA+Oz4+Ozs+O3Q8O2w8aTwxPjs+O2
w8dDx0PDs7bDxpPDA+Oz4+Ozs+Oz4+Oz4+O3Q8O2w8aTw1PjtpPDc+Oz47bDx0PDtsPGk8M
T47PjtsPHQ8dDw7O2w8aTwwPjs+PjsC_://w

8%@.e50
A0
cAccept: */*
Accept-Language: en-gb
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Referer: http://www.domain.com/page.aspx
n7Pjs+Pjt0PHQ8OztsPGk8MD47Pj47Oz47Pj47dDw7bDxpPDE+O2k8Mz47PjtsPH
Q8dDw7O2w8aTwwPjs+Pjs7Pjt0PDtsPGk8MT47PjtsPHQ8dDw7O2w8aTwwPjs+Pjs7Pjs+Pjs+
Pjs+Pjs+PjtsPEltYWdlQnV0dG9uSW50cm9OZXh0Oz4+o6MLqRFWGkZ7+b+E8c7OLh5wsCk=
      Http-Referer: http://www.domain.com/(t2emvz55i0cih4u4nohmpg55)/page.aspx
      Path: /page.aspx. ---> System.FormatException: Invalid character in a Base-64 string.
   at System.Convert.FromBase64String(String s)
   at System.Web.UI.LosFormatter.Deserialize(String input)
   at System.Web.UI.Page.LoadPageStateFromPersistenceMedium()
   --- End of inner exception stack trace ---
   at System.Web.UI.Page.LoadPageStateFromPersistenceMedium()
   at System.Web.UI.Page.LoadPageViewState()
   at System.Web.UI.Page.ProcessRequestMain()
   --- End of inner exception stack trace ---
   at System.Web.UI.Page.HandleError(Exception e)
   at System.Web.UI.Page.ProcessRequestMain()
   at System.Web.UI.Page.ProcessRequest()
   at System.Web.UI.Page.ProcessRequest(HttpContext context)
   at System.Web.CallHandlerExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

-------------------------------------------------
0
Comment
Question by:Psychotext
  • 5
  • 3
9 Comments
 
LVL 28

Assisted Solution

by:mmarinov
mmarinov earned 400 total points
ID: 12357711
0
 
LVL 2

Author Comment

by:Psychotext
ID: 12357823
Not using the application updater block, but I was interested to read "This error usually means someone is trying to mess with url id's" in the second link.  My initial thoughts on the error were that someone was either trying to modify the viewstate, and failing or that the viewstate had been corrupted on transmission which caused the failure.

I think above all though I'm trying to rule out poor programming on my part! :)
0
 
LVL 28

Accepted Solution

by:
mmarinov earned 400 total points
ID: 12357854
Psychotext,

also check this kbarticle : http://www.kbalertz.com/kb_829743.aspx
B..M
0
 
LVL 2

Author Comment

by:Psychotext
ID: 12358256
Looks like a good article, thanks.  I will work through it and post back later.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 22

Assisted Solution

by:Snarf0001
Snarf0001 earned 100 total points
ID: 12362944
I've encountered that error a few times if the session times out and then the user tries to post back.
0
 
LVL 2

Author Comment

by:Psychotext
ID: 12364214
I'll check into that, thanks.
0
 
LVL 2

Author Comment

by:Psychotext
ID: 12368691
Ok, have looked into the problem.  

First thing I did was check everything noted in the kb article (http://www.kbalertz.com/kb_829743.aspx).  ViewstateMac is enabled, so this may very well have caused the problem.  The same IP address logged a couple more errors a few mins later so it's possible the user was up to something or they had their browser configured in a strange way to cause it.  I think I may check into the truncation issue that they mention by altering the way the viewstate is handled.  I found a pretty good article on handling state generally: http://www.eggheadcafe.com/articles/20040613.asp . It's pretty involved, so I haven't got around to doing any testing with it yet.  It may prove useful for others interested in the viewstate in general though.

On the postback issue - In this particular app, when the session expires the user is redirected using one of two methods.  The first is a meta tag refresh inserted into the page and calculated on run time.  If this fails, the system checks the session on each postback to ensure that the timeout has not been reached.  In either case, the app clears both the session state and the viewstate to ensure that nothing remains.  There is a possiblity that the user clicked back to the first screen (Check is not performed here) and then moved through the app, but that's probably unlikely.

I'm not sure I'm going to really be able to work out what happened here, but thanks to you both I now have a much better idea of what it could have been and what to look out for in the future (Though I'm hoping it doesn't happen again).  Thanks.
0
 
LVL 28

Expert Comment

by:mmarinov
ID: 12368715
Though I'm hoping it doesn't happen again -> I wish you not to happen again
glad that you move to the next step
Regards!
B..M
0
 
LVL 2

Author Comment

by:Psychotext
ID: 12368744
p.s.  You can ignore the first three paragraphs in the article I linked to.  The guy seems to have lost the plot a little.  This article is less self satisfied and discusses the same thing, but minus the performance tests: http://aspalliance.com/72
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
File Upload Control on a ASP.NET Overlay Page 1 43
Different Delete Messages 7 37
Vb.net dynamic formulas in runtime 11 63
Message not shown 5 33
AJAX ModalPopupExtender has a required property "TargetControlID" which may seem to be very confusing to new users. It means the server control that will be extended by the ModalPopup, for instance, if when you click a button, a ModalPopup displays,…
A quick way to get a menu to work on our website, is using the Menu control and assign it to a web.sitemap using SiteMapDataSource. Example of web.sitemap file: (CODE) Sample code to add to the page menu: (CODE) Running the application, we wi…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now