How do we use Custom HTML?

Jan 8, 2010 at 3:11 PM

Rickard,

How do we use Custom HTML, I see a page in the Admin section, but it dosent show up. I also see it in the drop down for sections.

Regards,
Tommy Havens

Jan 8, 2010 at 3:45 PM

Ok - I added it under administration in the SiteMap in App_Data. I am getting an error though when I try and save my Footer file. Hmm

Tommy

Coordinator
Jan 8, 2010 at 3:47 PM

Hi Tommy What error did you get?

Jan 8, 2010 at 3:49 PM
Edited Jan 8, 2010 at 4:32 PM

 

Server Error in '/' Application.

A potentially dangerous Request.Form value was detected from the client (ctl00_mainContent_txtHtml_ctl00="<STRONG>TEST</STRONG...").

Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (ctl00_mainContent_txtHtml_ctl00="<STRONG>TEST</STRONG...").

Source Error:

[No relevant source lines]


Source File: c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\a260cf23\55eb4dce\App_Web_suygdrob.8.cs    Line: 0

Stack Trace:

[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (ctl00_mainContent_txtHtml_ctl00="<STRONG>TEST</STRONG...").]
   System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName) +8721914
   System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName) +111
   System.Web.HttpRequest.get_Form() +129
   System.Web.HttpRequest.get_HasForm() +8722023
   System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull) +97
   System.Web.UI.Page.DeterminePostBackMode() +63
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6785
   System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +242
   System.Web.UI.Page.ProcessRequest() +80
   System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +21
   System.Web.UI.Page.ProcessRequest(HttpContext context) +49
   ASP.administration_customhtml_aspx.ProcessRequest(HttpContext context) in c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\a260cf23\55eb4dce\App_Web_suygdrob.8.cs:0
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +181
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75



Version Information: Microsoft .NET Framework Version:2.0.50727.3603; ASP.NET Version:2.0.50727.3082

<!-- [HttpRequestValidationException]: A potentially dangerous Request.Form value was detected from the client (ctl00_mainContent_txtHtml_ctl00="<STRONG>TEST</STRONG..."). at System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName) at System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName) at System.Web.HttpRequest.get_Form() at System.Web.HttpRequest.get_HasForm() at System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull) at System.Web.UI.Page.DeterminePostBackMode() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.administration_customhtml_aspx.ProcessRequest(HttpContext context) in c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\a260cf23\55eb4dce\App_Web_suygdrob.8.cs:line 0 at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) --><!-- This error page might contain sensitive information because ASP.NET is configured to show verbose error messages using <customErrors mode="Off"/>. Consider using <customErrors mode="On"/> or <customErrors mode="RemoteOnly"/> in production environments.-->
Coordinator
Jan 8, 2010 at 4:37 PM
Edited Jan 8, 2010 at 4:39 PM

Ok, I forgot to add ValidateRequest in CustomHtml.aspx below administration.

First line shall be 

<%

@ Page Title="" Language="C#" MasterPageFile="~/Administration/Admin.master" AutoEventWireup="true" ValidateRequest="false" CodeFile="CustomHtml.aspx.cs" Inherits="Administration_CustomHtml" %>

 

Thank's Tommy, for testing it out.