Try our conversational search powered by Generative AI!

AI OnAI Off

Composer with PageTypeBuilder and on Net 4.0 Error

Victor Dollero
Victor Dollero
Vote:
 

Hello there,


I've created composer templates and functions using PageTypeBuilder as described in the following page:

http://dungle30.wordpress.com/tag/episerver-2/

I also converted the site to .NET 4.0. following the instructions in this page:

http://world.episerver.com/Articles/Items/EPiServer-CMS-60-now-supporting-ASPNET-40/

 

I've managed to view the Composer control and I am able to drag and drop a function from the ToolBox into the composer area.

However, when I try to edit the functions, I get this exception:

System.Web.HttpRequestValidationException: A potentially dangerous Request.QueryString value was detected from the client (cfs="<cf pid="222" wid="1...").

I already applied the suggestions on the following page:

http://world.episerver.com/Articles/Items/EPiServer-Community-4-Composer-4-and-Mail-5-now-supporting-ASPNET-40/


These last instructions mainly point to setting the validateRequest to false which I've done on the composer template. I have even set this value to false in many of the Dropit files (i.e. PropertyEditor.aspx) but problem persists.

Might any of you have any ideas on how to solve this?

Cheers,


Victor

 

Here's the full error:

Server Error in '/' Application.

A potentially dangerous Request.QueryString value was detected from the client (cfs="<cf pid="222" wid="1...").

Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0". Example: <httpRuntime requestValidationMode="2.0" />. After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the <pages> configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.QueryString value was detected from the client (cfs="<cf pid="222" wid="1...").

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.


Stack Trace: 

[HttpRequestValidationException (0x80004005): A potentially dangerous Request.QueryString value was detected from the client (cfs="<cf pid="222" wid="1...").]
   System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) +8734868
   System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, RequestValidationSource requestCollection) +122
   System.Web.HttpRequest.get_QueryString() +56
   EPiServer.Global.Global_PreRequestHandlerExecute(Object sender, EventArgs e) +185
   System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +148
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75


Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

#46627
Dec 21, 2010 17:00
Victor Dollero
Victor Dollero
Vote:
 

Hello again,

I found what the problem was.

I had already tried modifying the two httpRuntime elements that were on the file to look like this:

<httpRuntime requestValidationMode="2.0" />

What I hadn’t tried is to add extra httpRuntime elements just before other <pages> elements that didn’t have it. It seems to work now.

 

Cheers,


Victor

#46651
Dec 22, 2010 17:21
Victor Dollero
Victor Dollero
Vote:
 

For reference, here are some files that might prove helpful. More detail on these can be found on these helpful posts:

  • http://dungle30.wordpress.com/tag/episerver-2/
  • http://world.episerver.com/Articles/Items/EPiServer-Community-4-Composer-4-and-Mail-5-now-supporting-ASPNET-40/
  • http://world.episerver.com/Articles/Items/EPiServer-CMS-60-now-supporting-ASPNET-40/

 

**************************** PageWidePageType.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using Dropit.Extension.UI.WebControls;
using PageTypeBuilder;
using Dropit.Extension.SpecializedProperties;
using EPiServer.Core;
using EPiServer.DataAbstraction;
using EPiServer;
using EPiServer.SpecializedProperties;
using EPiServer.Editor;

namespace EPiServer.ComposerSampleTemplates.Composer.PageTypes
{
    [PageType(Filename = "~/Composer/Pages/PageWide.aspx",
                         Name = "[ExtensionSys] Composer wide page",
                         AvailableInEditMode = true,
                         Description = "Creating Composer page using full content area.")]
    public class PageWidePageType : TypedPageData
    {

        [PageTypeProperty(Type = typeof(ExtensionContentAreaProperty),
            DisplayInEditMode = false, Searchable = true,
            UniqueValuePerLanguage = false,
            Tab = typeof(ComposerTab))]

        public virtual string MainArea { get; set; }

        [PageTypeProperty(Type = typeof(ExtensionPageProperty),
            DisplayInEditMode = true, Searchable = true,
            Tab = typeof(ComposerTab))]

        public virtual string ExtensionPageProperty { get; set; }

    }

}

 

**************************** PageWide.aspx.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using Dropit.Extension.Core;
using PageTypeBuilder.UI;
using EPiServer;
using EPiServer.Core;

namespace EPiServer.Composer.Pages
{
    public partial class PageWide : TemplatePage<EPiServer.ComposerSampleTemplates.Composer.PageTypes.PageWidePageType>
    {
        //Add a ExtensionPageHandler for enable Composer
        private readonly ExtensionPageHandler _extensionHandler;

        public PageWide() : base(0, 0)//extended by default
        {
            // create an instance of ExtensionPageHandler
            _extensionHandler = new ExtensionPageHandler();
        }
        
        protected override void OnInit(EventArgs e)
        {
            base.OnInit(e);

            //It’s important that _exten// initialize ExtensionPageHandler instance
            // must always be placed at this positionsionHandler initialized after base.OnInit.

            _extensionHandler.Initialize(this);
        }
        
        protected void Page_Load(object sender, EventArgs e)
        {

        }
    }
}

 

**************************** PageWide.aspx

<%@ Page Language="C#" MasterPageFile="~/Composer/MasterPages/Main.master"
    AutoEventWireup="false" CodeBehind="PageWide.aspx.cs" Inherits="EPiServer.Composer.Pages.PageWide"
    Title="Untitled Page"  ValidateRequest="false" %>

<asp:Content ID="Content1" ContentPlaceHolderID="MainRegion" runat="server">

<!--
        The page contains only one single Extension content area: MainArea.
        Using divider functions for designing the layout
-->
    <div id="StageArea" class="StartPage" style="min-height:100px;">
        <Extension:ExtensionContentArea runat="server" ID="MainArea" Description="MainArea using all available space" />
    </div>
</asp:Content>

**************************** TestContentFunction.cs

using System;
using Dropit.Extension.SpecializedProperties;
using PageTypeBuilder;

namespace EPiServer.ComposerSampleTemplates.Composer.PageTypes
{
    [PageType(Filename = "/composer/functions/text.ascx", AvailableInEditMode = true, Name = "[ExtensionSys] Test Article Function", Description = "Test Article Function")]

    public class TestContentFunction : TypedPageData
    {

        [PageTypeProperty(Type = typeof(ExtensionFunctionProperty),
            DisplayInEditMode = false,
            Searchable = false,
            UniqueValuePerLanguage = true,
            Tab = typeof(ComposerTab))]

        public virtual string ExtensionContentFunctionProperty { get; set; }

        [PageTypeProperty(UniqueValuePerLanguage = false,
            Searchable = false, DisplayInEditMode = false,
            Tab = typeof(ComposerTab))]

        public virtual bool NeverUsedProperty { get; set; }

        [PageTypeProperty(UniqueValuePerLanguage = false,
            Searchable = true, DisplayInEditMode = true,
            Tab = typeof(ComposerTab),
            EditCaption = "Heading text")]

        public virtual string Heading { get; set; }

        [PageTypeProperty(UniqueValuePerLanguage = false,
            Searchable = true, DisplayInEditMode = true,
            Tab = typeof(ComposerTab),
            EditCaption = "Body text")]

        public virtual string MainBody { get; set; }

    }

}

**************************** Text.ascx.cs

using Dropit.Extension.Core;

namespace EPiServer.Composer.Functions
{
    public partial class Text : BaseContentFunction
    {
        
    }
}

 

**************************** Text.ascx

<%@ Control Language="C#" AutoEventWireup="false" Codebehind="Text.ascx.cs" Inherits="EPiServer.Composer.Functions.Text"%>
<!--
Simple function for displaying a heading and body text
======================================================
1. Properties for this function:
    Heading (string)
    MainBody (xhtml).
2. Use the <Extension:Property> instead of <EPiServer:Property> for displaying the value.
-->
<div>
    <h2>
        <Extension:Property
            ID="propHeading"
            PropertyName="Heading"
            runat="server" />
    </h2>
</div>
<div style="padding-top:10px;">
    <Extension:Property
            ID="Property1"
            PropertyName="MainBody"
            runat="server" />
</div>

 

**************************** ComposerTab.cs

using EPiServer.Security;

using PageTypeBuilder;

namespace EPiServer.ComposerSampleTemplates.Composer.PageTypes
{
    public class ComposerTab : Tab
    {

        #region Overrides of Tab



        public override string Name
        {

            get { return "Extension"; }

        }



        public override AccessLevel RequiredAccess
        {

            get { return AccessLevel.Edit; }

        }



        public override int SortIndex
        {

            get { return 1000; }

        }



        #endregion

    }

}

 

#46652
Dec 22, 2010 17:34
Daniel Badro
Daniel Badro
Vote:
 

Bumping an old thread here...

Ok so no info that worked was found, I solved the vaildate request issue simply by adding

<pages enableEventValidation="false" validateRequest="false" controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"></pages>

to the  <location path="dropit/plugin/extension/ui/edit">

<location path="dropit/plugin/extension/ui/edit">
<system.web>
<pages enableEventValidation="false" validateRequest="false" controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"></pages>
<httpRuntime requestValidationMode="2.0" maxRequestLength="1000000" />
<authorization>
<allow roles=\EPI_Webadmins_test-U" />
<deny users="*" />
</authorization>
</system.web>
</location>

 

that worked!

#61501
Sep 20, 2012 16:55
This thread is locked and should be used for reference only. Please use the Legacy add-ons forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.