最近做了一个发表评论的模块。发现有一个BUG:在TextBox中输入"="或"!",提交页面都会出现如下报错。(其他字符似乎都可以)错误代码:
Sys.WebForms.PageRequestManagerParserErrorException: The message received from the server could not be parsed. Common causes for this error are when the response is modified by calls to Response.Write(), response filters, HttpModules, or server trace is enabled.
Details: Error parsing near '<script type='text/j'.
http://localhost/ScriptResource.axd?d=tHconbGLshd8WGRVq289hIhxLJOt7Nrj5jtK2g28s8p6TKlAprYlGzNp7sBKJe5LWxuGQiccSORuoryA1UIjpyAFyGwiyP2OYLGhudYxvn5XrvCYy22IVSqII7Nk2JLW0&t=ffffffff948cd86f
Line 1021在后台程序中,我对输入的异常字符都进行了过滤,但是就算把后台提交的代码删除。这个报错依然存在(也就是说,输入"="或"!",点击提交按钮,后台没有执行任何事件,也会出现上述错误)网上查了一下,说是要把validaterequest设为false,但我试过在Webconfig添加,在页面添加,在Textbox上修改causersValidater属性为false都没用。比较长,希望各位能帮我一下。100分吧
Sys.WebForms.PageRequestManagerParserErrorException: The message received from the server could not be parsed. Common causes for this error are when the response is modified by calls to Response.Write(), response filters, HttpModules, or server trace is enabled.
Details: Error parsing near '<script type='text/j'.
http://localhost/ScriptResource.axd?d=tHconbGLshd8WGRVq289hIhxLJOt7Nrj5jtK2g28s8p6TKlAprYlGzNp7sBKJe5LWxuGQiccSORuoryA1UIjpyAFyGwiyP2OYLGhudYxvn5XrvCYy22IVSqII7Nk2JLW0&t=ffffffff948cd86f
Line 1021在后台程序中,我对输入的异常字符都进行了过滤,但是就算把后台提交的代码删除。这个报错依然存在(也就是说,输入"="或"!",点击提交按钮,后台没有执行任何事件,也会出现上述错误)网上查了一下,说是要把validaterequest设为false,但我试过在Webconfig添加,在页面添加,在Textbox上修改causersValidater属性为false都没用。比较长,希望各位能帮我一下。100分吧
解决方案 »
- 哪位能帮我仿一下http://www.bsyland.com博兰知识产权网站上的菜单是怎么实现的???
- (倾家荡产了)装iis6.0 找不到iisadmin.mfl和iisadmin.mf_两个文件
- (急,在线等)向好心人求一个oracle_net.msi安装程序
- 在DataGrid中如何删除带有外键约束的纪录呢?(C#)
- 打印格式的问题?谢谢了
- 一个程序设计好之后,我通常都是重新生成解决方案后把所有文件、代码都拷贝到服务器中,是不是可以拷贝某些文件而不拷贝代码就可以??
- 请教一个反射问题,如何取得当前页中自定义方法
- 美国史上最成功的整容手术,让人惊叹!
- 关于进程和session的部题,请高手指教
- 为什么我这样定义没用?
- 求助,如何调点击确定后台cs代码?
- 【求助】从ASPX页面上提交到C#代码中,DataGrid中的DropDownList丢失
在TextBox中输入= 和!没有出现你说的错误。但是输入<xml>出现了下列错误:A potentially dangerous Request.Form value was detected from the client (TextBox1="<xml>").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (TextBox1="<xml>").
这个错误确实是可以通过ValidateRequest="false"消除的<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="WebForm4.aspx.cs" Inherits="testWebApp.WebForm4" ValidateRequest="false"%>
对URL传参进行转义 server.urlEncode
看了一下,customErrors设置的是off,好像不是这个原因
= =。我试了一下,新建了一个空白的TextBox和按钮,输入!点击也会报错
<%@ Register Namespace="Intelligencia.UrlRewriter" Assembly="Intelligencia.UrlRewriter" TagPrefix="rewriter" %>
<%@ Register Namespace="AjaxControlToolkit" Assembly="AjaxControlToolkit" TagPrefix="Toolkit" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml">
<head runat="server">
<title>网购比价,产品推荐,用户评价的专业导购网站 - 货比三家</title>
<asp:contentplaceholder id="cphmeta" runat="server">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta name="Description" content="" />
<meta name="Keywords" content="" />
</asp:contentplaceholder>
<link rel="shortcut icon" href="/favicon.ico"/>
<link href="/css/default.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/script/jquery.js"></script>
</head>
<body>
<rewriter:form ID="Form1" runat="server">
<Toolkit:ToolkitScriptManager ID="sm" runat="server"/>
<asp:ContentPlaceHolder id="ContentPlaceHolder1" runat="server">
子页面的内容
</asp:ContentPlaceHolder>
</rewriter:form> 因为用了rewriter插件。所以用了<rewriter:form> 代替<form>,我也试过使用<form>,也会出错
<Toolkit:ToolkitScriptManager ID="sm" runat="server"/>,这个我尝试过改成ScriptManager,也不行
其实是使用ajax控件问题,你可以不用微软提供的ajax控件。改用别的方法吧