viewstate

问题 My first JSF page was throwing javax.faces.application.ViewExpiredException . while I searched I got this solution which solved my problem. <context-param> <param-name>javax.faces.STATE_SAVING_METHOD</param-name> <param-value>client</param-value> </context-param> But I am concerned about the security implication. 回答1: This doesn't save the "session" in client side at all. This only saves the JSF view state in client side. This is in JSF 2.2 always AES-encrypted with a key which is generated

问题 My first JSF page was throwing javax.faces.application.ViewExpiredException . while I searched I got this solution which solved my problem. <context-param> <param-name>javax.faces.STATE_SAVING_METHOD</param-name> <param-value>client</param-value> </context-param> But I am concerned about the security implication. 回答1: This doesn't save the "session" in client side at all. This only saves the JSF view state in client side. This is in JSF 2.2 always AES-encrypted with a key which is generated

问题 I have the following in my BasePage class which all my ASPX pages derive from: protected override void OnInit(EventArgs e) { base.OnInit(e); ViewStateUserKey = Session.SessionID; } I also have a machineKey set in Web.config . I don't think this error is because of a web farm because this happens on my dev machine too. My host has now upgraded to .NET 3.5 SP1. After this update, everytime I compile with the ViewStateUserKey setting above, I constantly get the "Validation of viewstate MAC

问题 In our application, we have a "BasePage" that declares a number of properties to be used by more or less every page in the app. Inside these properties, they write to ViewState. These are all typically an int or small string value, nothing huge. Typical use is call a web service and hold an id for use within the page, for example. I've used viewstate since I'm wary of the loss of session variables should IIS recycle for example. Also, I figured, very small values would not add hugely to the

问题 I have developed application and its working fine on local with remote DB connection but when its put on live server on every post back event its giving this exception: Server Error in '/openlearningsolutions' Application. Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster. Description: An unhandled exception

问题 I'm having some problems in persisting the viewstate on postback for a Control (vb.net) here's some code i've put in my control: Protected Overrides Sub OnInit(ByVal e As System.EventArgs) MyBase.OnInit(e) Me.EnableViewState = True Me.ViewStateMode = System.Web.UI.ViewStateMode.Enabled If Not Page.IsPostBack Then _SortTime = DateTime.Now _SortTime.AddSeconds(-10) ' incase the fileserver and webserver date are out of sync ViewState("PageLoadTimeStamp") = _SortTime End If End Sub onload:

问题 I need to extract the content of the second CDATA element from a response in JMeter. The response looks for example like this: <?xml version='1.0' encoding='UTF-8'?> <partial-response><changes><update id="layout:layoutLeft:treeForm:riverTree"> <![CDATA[<li id="layout:layoutLeft:treeForm:flussgebieteBaum:0_0_0" data-rowkey="0_0_0" class="ui-treenode ui-treenode-parent river default" role="treeitem"> <span class="ui-treenode-content ui-tree-selectable" aria-expanded="false" aria-selected="false

问题 I need to extract the content of the second CDATA element from a response in JMeter. The response looks for example like this: <?xml version='1.0' encoding='UTF-8'?> <partial-response><changes><update id="layout:layoutLeft:treeForm:riverTree"> <![CDATA[<li id="layout:layoutLeft:treeForm:flussgebieteBaum:0_0_0" data-rowkey="0_0_0" class="ui-treenode ui-treenode-parent river default" role="treeitem"> <span class="ui-treenode-content ui-tree-selectable" aria-expanded="false" aria-selected="false

问题 I have an asp.net 2.0 page that contains 2 UpdatePanels . The first panel contains a TreeView control, when I select a node in the three view control it triggers an update of the second UpdatePanel only. This much is behaving correctly. There are two buttons on the page outside of an update panel (previous/next). These buttons trigger an update of both panels. The behaviour of the buttons is to select the adjacent node in the tree. The first time I click on one of these buttons I get the

问题 I have a page with private properties that are storing a credit card object and a shopping cart object in viewstate so I can maintain a reference to them across postbacks. By the way, the page involved will be using SSL. Is this safe? 回答1: I wouldn't store sensitive information in viewstate ... ever . By doing so, you are delegating security to the implementation of the browser for protecting your customers' data. Vulnerabilities like cross-site scripting (XSS), URL-redirection attacks, and