Tuesday, January 02, 2007
Postback grief: some causes and a cure
Validity checking can be disabled for all pages in web.config:
<~pages buffer="true" validateRequest="true"
Validity checking can be disabled for individual pages by adding markup attributes ValidateRequest="false" and EnableEventValidation="false" to Page directives. Although sometimes recommended by novices, these are usually poor approaches, since they will open major security holes in applications. Yet how else to prevent users from tripping across ugly error boxes? Microsoft does not advise, and neither do makers of third-party controls such as Telerik.
Many such problems can be solved by strategic testing and design. Pages that contain bulky data or self-constructing controls must be tested aggressively to see whether early user action can cause errors. If such errors can occur, then controls that would provoke them need to be kept hidden until a page's controls have all been processed by a browser. The trouble-provoking controls are often buttons, but any control that is configured to generate a postback or an AJAX callback may be the source of a problem.
var oControl = document.getElementById
('<~% = ofControl.ClientID %~>');
if (oControl != null)
oControl.style.visibility = 'visible';
[Note: because of display limitations, characters "< " and " >" here are shown with a tilde ~ after or before them.]
Subscribe to Posts [Atom]