asp.net 警告 Web Event 事件ID 1309
asp.net iis server 警告 事件 1309 Event code: 3003
观察服务器的事件日志,发现应用程序中,有很多“警告”条目,具体休息如下:
事件类型: 警告
事件来源: ASP.NET 2.0.50727.0
事件种类: Web Event
事件 ID: 1309
日期: 2007-12-27
事件: 18:00:06
用户: N/A
计算机: LOGICBOX_SERVER
描述:
Event code: 3003
Event message: A validation error has occurred.
Event time: 2007-12-27 18:00:06
Event time (UTC): 2007-12-27 10:00:06
Event ID: b48041326280416a9ff837ab1d727c7c
Event sequence: 649
Event occurrence: 2
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/1/ROOT-1-128431656694218750
Trust level: Full
Application Virtual Path: /
Application Path:
Machine name: SERVER
Process information:
Process ID: 1416
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: HttpRequestValidationException
Exception message: A potentially dangerous Request.Form value was detected from the client (content="...hank!!!
<a href=http://payda...").
Request information:
Request URL: http://www.ljf.cn/PostTalk.aspx
Request path: /PostTalk.aspx
User host address: 76.109.25.136
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 5
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: True
Stack trace: at System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName)
at System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName)
at System.Web.HttpRequest.get_Form()
at System.Web.HttpRequest.get_HasForm()
at System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull)
at System.Web.UI.Page.DeterminePostBackMode()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at ASP.posttalk_aspx.ProcessRequest(HttpContext context) in d:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\8b86f91a\d78de033\App_Web_d8ljq3ic.8.cs:line 0
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Custom event details:
有关更多信息,请参阅在 http://go.microsoft.com/fwlink/events.asp 的帮助和支持中心。
在GOOGLE上搜了一下,发现也有很多站长碰到了同样的问题,但是没有解决的方法。仔细阅读了警告本身的内容,觉得其中有一项很眼熟,对,就是这一项:
Exception message: A potentially dangerous Request.Form value was detected from the client (content="...hank!!!
<a href=http://payda...").
难道是网站客户在留言时发广告带HTML代码而产生的程序错误?应该就是!查源程序,果然没有加入VALIDATIONREQUEST="FALSE"一项。
处理办法:在页首加入validationRequest="false"属性,使用户发可以布带HTML标签的内容。至于你是否允许这些HTML内容存在,再在后面的程序中进行处理。
目前处理方式:把左括号和右键号用<和>代替了。
发文测试,不再出现这个警告。
- asp.net:在using语句中使用return语句!
- asp.net中 UrlEncode 的编码问题
- asp.net 设计模式之——单例模式
- Asp.net 2.0 关于Header/title/Meta tages/Style操作的一点小技巧
- templateEngine2 asp.net 开源模板引擎
- asp.net中的缓存机制(一):页面缓存
- 没有对“C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files”的写访问权限
- params关键字:参数数目可变
- 开源的asp.net wiki系统
- ASP.Net中的HttpHandler,自定义Http处理及应用的原理和实现方法