Home Search Tags Members

Home » Kartris ASP.NET Ecommerce Software » Kartris technical issues » Admin TreeView Error

Admin TreeView Error

Posted By jcosmo Fri 4 Dec 2015
Add to Favorites0

Admin TreeView Error

Topic View Topic View Topic Options Topic Options
Author Message
jcosmo
Posted Fri 4 Dec 2015
Supreme Being

Supreme Being - (9,235 reputation)Supreme Being - (9,235 reputation)Supreme Being - (9,235 reputation)Supreme Being - (9,235 reputation)Supreme Being - (9,235 reputation)Supreme Being - (9,235 reputation)Supreme Being - (9,235 reputation)Supreme Being - (9,235 reputation)Supreme Being - (9,235 reputation)

Group: Forum Members
Last Active: Tue 16 Feb 2016
Posts: 19, Visits: 117
In the Admin, if I go into an existing product and add a second category and hit save, the following error appears in the TreeView node of the new category:


Invalid postback or callback argument. Event validation is enabled using <pages enableEventValidation="true"/> in configuration or <%@ Page EnableEventValidation="true" %> in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation.


Is this a known error and is there a fix to it? It's true that EnableEventValidation is set to true, but for security reasons that setting should be preserved if possible, and that it how Kartris came.
Post Information
Tiggywiggler Marked As Answer
Posted Tue 22 Dec 2015
Supreme Being

Supreme Being - (107,156 reputation)Supreme Being - (107,156 reputation)Supreme Being - (107,156 reputation)Supreme Being - (107,156 reputation)Supreme Being - (107,156 reputation)Supreme Being - (107,156 reputation)Supreme Being - (107,156 reputation)Supreme Being - (107,156 reputation)Supreme Being - (107,156 reputation)

Group: Forum Members
Last Active: Mon 6 Dec 2021
Posts: 235, Visits: 750
This problem flares up a lot in the past year due to the security changes that Microsoft made in .Net. It can be worked around but requires quite a bit of work on the back end.

the security risks come if someone is injectign code into the HTML response but as you are in the admin page, if you have a hacker on this page you have already lost so there isn't really a risk to you here. You should be able to disable this validation check without any adverse problems.

If you get this alert on a front end page (non admin) then it would be a different story. in the end we will need to rewrite the dynamic content to work around this issue but it takes time, a lot of it.

We are always willing to help out the community or pitch in to help you fix a problem. However, if you want a complete solution made such as a code module or new feature added you have two options. Either
1) Reach out to the Kartris internal development team at http://www.kartris.com/Contact.aspx.
2) Contact one of the Kartris approved partners at http://www.kartris.com/t-Worldwide-Developers.aspx.
Have fun and good luck coding.
Post Information
Paul Marked As Answer
Posted Fri 1 Jan 2016
große Käse

große Käse - (456,774 reputation)große Käse - (456,774 reputation)große Käse - (456,774 reputation)große Käse - (456,774 reputation)große Käse - (456,774 reputation)große Käse - (456,774 reputation)große Käse - (456,774 reputation)große Käse - (456,774 reputation)große Käse - (456,774 reputation)

Group: Administrators
Last Active: 4 hours ago
Posts: 806, Visits: 2,738
Couldn't figure out why I was not getting this when testing the project, turns out it is disabled in the main web config we have in our codeplex project, but not in the 'clean' web config that we use when building new zips. That is fixed now, so the next release should not have this problem. Note that we only disable it for the Admin folder, which as Tiggywiggler points out, doesn't really pose security issues as if you have access to the back end there are far bigger fish to fry in terms of messing things up.

--
If my post solves your issue, can you 'Mark as Answer' so it's easier for other users to find in future.

If you would like to be informed of new features, new releases, developments and occasional special bonuses, please sign up to our mailing list: http://bit.ly/19sKMZb
Edited Fri 1 Jan 2016 by Paul
Post Information

Similar Topics

Expand / Collapse

Reading This Topic

Expand / Collapse

Back To Top

Powered By InstantForum.NET 2012-1 © 2024
Execution: 0.125. 8 queries. Compression Enabled.