Link to home
Start Free TrialLog in
Avatar of mathieu_cupryk
mathieu_cuprykFlag for Canada

asked on

Invalid postback.

if u goto omegalove.com and try to log in with
username:macupryk and password:cupryk you will get
can someone help with this.
Server Error in '/' Application.
--------------------------------------------------------------------------------

Invalid postback or callback argument.  Event validation is enabled using <pages enableEventValidation="true"/> in configuration or <%@ Page EnableEventValidation="true" %> in a page.  For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them.  If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.ArgumentException: Invalid postback or callback argument.  Event validation is enabled using <pages enableEventValidation="true"/> in configuration or <%@ Page EnableEventValidation="true" %> in a page.  For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them.  If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.  

Stack Trace:


[ArgumentException: Invalid postback or callback argument.  Event validation is enabled using <pages enableEventValidation="true"/> in configuration or <%@ Page EnableEventValidation="true" %> in a page.  For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them.  If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation.]
   System.Web.UI.ClientScriptManager.ValidateEvent(String uniqueId, String argument) +8620921
   System.Web.UI.Control.ValidateEvent(String uniqueID, String eventArgument) +72
   System.Web.UI.WebControls.DropDownList.LoadPostData(String postDataKey, NameValueCollection postCollection) +53
   System.Web.UI.WebControls.DropDownList.System.Web.UI.IPostBackDataHandler.LoadPostData(String postDataKey, NameValueCollection postCollection) +13
   System.Web.UI.Page.ProcessPostData(NameValueCollection postData, Boolean fBeforeLoad) +346
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1743

 


--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.3053; ASP.NET Version:2.0.50727.3053
Avatar of hakkekushou
hakkekushou
Flag of United States of America image
Without much information to go on you can simply add EnableEventValidation="false" and whatever is causing this will be unable to cause it. However it decreases security in regards to automatic cross site scripting and SQL injection attempts depending on how things are set up. Also you would want to get to the root of the problem and not apply the band-aid I mentioned above. You will want to look at aspects such as are you posting to a page on a different URL Since it seems to be submitting login information I would not suggest the use of a GET based called using querystring paramters (?name=value&name=value).
ASKER CERTIFIED SOLUTION
Avatar of jinn_hnnl
jinn_hnnl
Flag of Netherlands image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of mathieu_cupryk
mathieu_cupryk
Flag of Canada image

ASKER

If you have a control such as an ascx page where every u include this u must have enableEventValidation="false" . So where ever you are posting to the next page. For instance if i login from the master page and I am going to the profile.aspx page. then u must include this.
Avatar of jinn_hnnl
jinn_hnnl
Flag of Netherlands image
Yeah thanks for the remark,

The EventValidation is for checking and preventing JS injection, sometimes its really annoy so we disable them, but we better do it in such way it never raises. Sometimes you can see the source after and before postback the clientID of controls are different. This is because the auto generate mechanism of dot net on dynamic control, espcially in case of UpdatePanel. This will cause quite a lot of problem.

Glad you work it out, ^^

I think hakkekushou deserve some credit too. ^^