可能可以用下面方法解決
參考網址:
http://blog.janjonas.net/2013-04-18/dotnetnuke-workaround-validation-viewstate-failed-exception-dnn_7-login-form
DotNetNuke: Workaround for “Validation of viewstate MAC failed” exception when using the DNN 7 login form in multiple tabs
DotNetNuke: Workaround for “Validation of viewstate MAC failed” exception when using the DNN 7 login form in multiple tabs
Jan Jonas April 18th, 2013 Comments: 8Categories: Howto, ProgrammingAs I’ve written in one of my previous posts, I found out that one gets a “Validation of viewstate MAC failed” exception when submitting a DNN login form and the login status has changed from “not logged in” to “logged in” after the login form initially was loaded (e.g. by using an addition browser tab to log in).
After contacting the DNN support team it turned out, that this is not a bug, but a security feature in DNN. In detail, DNN adds the username of the current session to the APS.NET ViewStateUserKey (see “Take Advantage of ASP.NET Built-in Features to Fend Off Web Attacks” on MSDN for more information).
In DNN profession knowledge base, two resolutions are described which both have their drawbacks:
•One could edit the Default.aspx.cs and remove the username from the ViewStateUserKey which has to be done after each DNN update because Default.aspx.cs will be overwritten when updating the framework.
•One could disable “ViewState MAC validation” entirely by setting enableViewStateMac to false in Web.config file which is not recommended due to security problems.I finally came up with the following code snippet that I’ve added to the code behind file of the skin:
protected override void OnInit(EventArgs e)
{
// Catch "Validation of viewstate MAC failed" exceptions and redirect the user
// to the current page (i.e. force a redirect on the client)
Page.Error += (sender, args) =>
{
if (!(HttpContext.Current.Error is HttpException)) return;
if (!(HttpContext.Current.Error.InnerException is ViewStateException)) return;
HttpContext.Current.Response.Clear();
Response.Redirect(Request.UrlReferrer == null ? Request.Url.ToString() : Request.UrlReferrer.ToString());
};
base.OnInit(e);
}
In detail the code above adds an error handler that catches “Validation of viewstate MAC failed” exceptions and forces the client to reload the current page in case of such an excpetion (which updates the ViewStateUserKey according to the current session state). Since this error handler needs to be added on every page, the skin is the perfect place to put the code into.
Related posts:
1DotNetNuke: “Validation of viewstate MAC failed” exception when using the DNN 7 login form in multiple tabs 2ASP.NET MVC 3: Ajax Form with jQuery validate supporting (unobtrusive) Client Side Validation and Server Side Validation 3ASP.NET MVC 3: Using jQuery .ajax() function to submit Ajax Form supporting (unobtrusive) Client Side Validation and Server Side Validation 4ASP.NET MVC 3: Using JSON result for jQuery Ajax Forms validation 5ASP.NET MVC 3: Validate complex Types (Objects & Lists) in Ajax Form using jQuery and JSON on Client Side and Server Side
沒有留言:
張貼留言