Admin TreeView Error

Posted By jcosmo Fri 4 Dec 2015
Add to Favorites0
Author Message
jcosmo
 Posted Fri 4 Dec 2015
Supreme Being

Supreme Being - (10,803 reputation)Supreme Being - (10,803 reputation)Supreme Being - (10,803 reputation)Supreme Being - (10,803 reputation)Supreme Being - (10,803 reputation)Supreme Being - (10,803 reputation)Supreme Being - (10,803 reputation)Supreme Being - (10,803 reputation)Supreme Being - (10,803 reputation)

Group: Forum Members
Last Active: Tue 16 Feb 2016
Posts: 19, Visits: 117
In the Admin, if I go into an existing product and add a second category and hit save, the following error appears in the TreeView node of the new category:


Invalid postback or callback argument. Event validation is enabled using <pages enableEventValidation="true"/> in configuration or <%@ Page EnableEventValidation="true" %> in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation.


Is this a known error and is there a fix to it? It's true that EnableEventValidation is set to true, but for security reasons that setting should be preserved if possible, and that it how Kartris came.
Tiggywiggler Marked As Answer
 Posted Tue 22 Dec 2015
Supreme Being

Supreme Being - (124,064 reputation)Supreme Being - (124,064 reputation)Supreme Being - (124,064 reputation)Supreme Being - (124,064 reputation)Supreme Being - (124,064 reputation)Supreme Being - (124,064 reputation)Supreme Being - (124,064 reputation)Supreme Being - (124,064 reputation)Supreme Being - (124,064 reputation)

Group: Forum Members
Last Active: Mon 6 Dec 2021
Posts: 235, Visits: 750
This problem flares up a lot in the past year due to the security changes that Microsoft made in .Net. It can be worked around but requires quite a bit of work on the back end.

the security risks come if someone is injectign code into the HTML response but as you are in the admin page, if you have a hacker on this page you have already lost so there isn't really a risk to you here. You should be able to disable this validation check without any adverse problems.

If you get this alert on a front end page (non admin) then it would be a different story. in the end we will need to rewrite the dynamic content to work around this issue but it takes time, a lot of it.


We are always willing to help out the community or pitch in to help you fix a problem. However, if you want a complete solution made such as a code module or new feature added you have two options. Either
1) Reach out to the Kartris internal development team at http://www.kartris.com/Contact.aspx.
2) Contact one of the Kartris approved partners at http://www.kartris.com/t-Worldwide-Developers.aspx.

Have fun and good luck coding.
Paul Marked As Answer
 Posted Fri 1 Jan 2016
große Käse

große Käse - (522,304 reputation)große Käse - (522,304 reputation)große Käse - (522,304 reputation)große Käse - (522,304 reputation)große Käse - (522,304 reputation)große Käse - (522,304 reputation)große Käse - (522,304 reputation)große Käse - (522,304 reputation)große Käse - (522,304 reputation)

Group: Administrators
Last Active: Tue 10 Sep 2024
Posts: 807, Visits: 2,748
Couldn't figure out why I was not getting this when testing the project, turns out it is disabled in the main web config we have in our codeplex project, but not in the 'clean' web config that we use when building new zips. That is fixed now, so the next release should not have this problem. Note that we only disable it for the Admin folder, which as Tiggywiggler points out, doesn't really pose security issues as if you have access to the back end there are far bigger fish to fry in terms of messing things up.

--
If my post solves your issue, can you 'Mark as Answer' so it's easier for other users to find in future.

If you would like to be informed of new features, new releases, developments and occasional special bonuses, please sign up to our mailing list: http://bit.ly/19sKMZb
Fri 1 Jan 2016 by Paul

Similar Topics

Expand / Collapse

Reading This Topic

Expand / Collapse

Back To Top