Rank: Member
Groups: Member
Joined: 12/18/2007
Posts: 20
|
I h ave a page with your treeview in your callback. The callback has two image buttons as triggers so that when one button or the other is pressed the treeview gets updated.
Unfortunately this is generating a cross-site scripting error as show below
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.
Is there a way to force a callback to update from server side? Or is there a way to clear the above error?
Duncan
|
Rank: Administration
Groups: Administration
Joined: 5/27/2007
Posts: 24,194
|
Hi,
I am not sure what you mean by force a callback to update from server side. The easiest way for you to clear the above error is just as the message indicates, to disable request validation by setting validateRequest=false in the Page directive. The reason that validateRequest is enabled by default is because a lot of website takes input and then display it back as is, so it's possible for your user to enter some JavaScript code and then have the code run in your page when you display them. So when you disable validateRequest, you want to verify user input does not contain JavaScript. If you have no explicit user input, then you do not need to worry.
Thanks
|