git installation {CRLF and LF}

Few links about git configuration relating to line endings…

git config core.autocrlf false

Some links: information, windows_setup_example, vista_issues, here, here

Advertisements

A potentially dangerous Request.Form value was detected from the client in ASP.NET WebForms and MVC

This error turns up when you enter input into a text field that contains what looks like markup. For example:

APotentiallyDangerouseRequestFormValue

When you submit you normally would get something like this… ( which unfortunately I copied from the wrong place originally :S )

Server Error in ‘/MyApplication’ Application.


A potentially dangerous Request.Form value was detected from the client (remarks="<code></code>5678,<c…").

Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (remarks="<code></code>5678,<c…").

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (remarks="<code></code>5678,<c...").]
   System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName) +8723114
   System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName) +111
   System.Web.HttpRequest.get_Form() +129
   System.Web.HttpRequestWrapper.get_Form() +11
   System.Web.Mvc.ValueProviderDictionary.PopulateDictionary() +145
   System.Web.Mvc.ValueProviderDictionary..ctor(ControllerContext controllerContext) +74
   System.Web.Mvc.ControllerBase.get_ValueProvider() +31
   System.Web.Mvc.ControllerActionInvoker.GetParameterValue(ControllerContext controllerContext, ParameterDescriptor parameterDescriptor) +53
   System.Web.Mvc.ControllerActionInvoker.GetParameterValues(ControllerContext controllerContext, ActionDescriptor actionDescriptor) +109
   System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName) +399
   System.Web.Mvc.Controller.ExecuteCore() +126
   System.Web.Mvc.ControllerBase.Execute(RequestContext requestContext) +27
   System.Web.Mvc.ControllerBase.System.Web.Mvc.IController.Execute(RequestContext requestContext) +7
   System.Web.Mvc.MvcHandler.ProcessRequest(HttpContextBase httpContext) +151
   System.Web.Mvc.MvcHandler.ProcessRequest(HttpContext httpContext) +57
   System.Web.Mvc.MvcHandler.System.Web.IHttpHandler.ProcessRequest(HttpContext httpContext) +7
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +181
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75


Version Information: Microsoft .NET Framework Version:2.0.50727.4016; ASP.NET Version:2.0.50727.4016

 

… which is nice by default, but in some situations where you want people to be able to enter markup of some kind you want to be able to disable this. There are several ways.

WebForms – Per Page

This is a matter of adding the ValidateRequest property to the page directive per page:

<%@ Page Language="c#" … ValidateRequest="false"%>

WebForms -Globally

To turn off validation (which is not recommended unless you need to and know the consequences) is doen by editing the Web.config file’s pages element and adding the validateRequest attribute as shown below:

<system.web> 
  : 
  <pages validateRequest="false" /> 
  : 
</system.web>

MVC – Action

To prevent this error in MVC you can do it per action by applying the ValidateInputAttribute to the action method.

[AcceptVerbs(HttpVerbs.Post)]
[ValidateInput(false)]
public ActionResult EditMyEntity(string newValue)
{  :
}

Note that I also have an entry on the MVC attribute here which discusses this attribute a little more. I think it needs updating though 🙂

Sql Server 2005/2008 Object Definition – Getting all the contents of a stored procedure etc…

I thought you had to go to the sys.syscomments table to do this:

SELECT * FROM sys.procedures
WHERE [name] Like ‘GetAllElephants’
ORDER BY [name]

The above would return the stored procedure with the name ‘GetAllElephants’. one of the columns will contain the ID (object_id column) which you then pass to the OBJECT_DEFINTION function as shown below!

SELECT OBJECT_DEFINITION(1409815502);

This will then return all of the contents of the stored procedure … that is the actual code that IS the stored procedure.

Or you could just do this:

SELECT OBJECT_DEFINITION(OBJECT_ID(N’GetAllElephants’));

You can do this with

  • Stored Procedures
  • Views
  • Table Valued Functions
  • Scarlar Valued functions
  • Triggers
  • Inline table Valued Functions
  • and few other constraints and replication related items.. (see documentation below)

OBJECT_DEFINITION Documentation

Sql Server 2005

Sql Server 2008

Mono MasterPage Issues in MonoDevelop

I was trying to get a MonoDevelop MVC application up and running and came across this little snag.The error was:

"The view 'Index' or its master could not be found"

The Index.aspx view existed, but it was linked to a MasterPage like this:

<%@ Page Language="C#" Inherits="System.Web.Mvc.ViewPage" MasterPageFile="~/Views/Shared/MasterPage.master" %>

I added this to the Web.config file:

<pages pageBaseType="System.Web.UI.Page">

And the issue went away.

String To Enum Generic Function

I used to develop mainly in VB and found that converting a string to an enum was a pain!

Today i had to create several methods that did that for different types and after about 2-3 conversion methods I realized that I was doing it the hard way.

So I made a simple string to enum conversion function like this:

public static T ConvertStringToEnum<T>(string type) {
     return (T)Enum.Parse(typeof(T), type);
}

I only wish you could make static extension methods. Then I could do something like this (with any extra syntax that they needed to add to make it static):

Note the below won’t work.

public static class EnumExtensions {
     public static T Parse<T>(this Enum e, string value) {
         return (T)Enum.Parse(typeof(T), value);        
     }  
}

Creating Satellite Assemblies for Resources

I found it finally… It’s taken me ages to find this and it was again by accident!

http://msdn.microsoft.com/en-us/library/21a15yht.aspx

Globalization & Localization Issues in ASP.NET

I was looking form some information about Sql Server Globalization and Localization techniques and came across this article which has a nice little tidbit of information which I was not aware of: This has cleared it up.

Codepage conversion issues

When a character is replaced by a question mark (?) character, this is an indication that a codepage conversion issue, has occurred. The question mark (?) is a default character for the codepage conversion and basically means that the operating system does not know how to handle the character value and convert it. It replaces the character value with a question mark (?). This could mean that the character has an invalid value for the codepage or that the codepage that is needed for the conversion is not installed.

Font conversion issues

When a character is replaced by a box, this is an indication that a font conversion issue has occurred. This occurs on the client side when the client does not have the correct font installed to display this character correctly. For example, when a character is from the Japanese charset, and the client does not have the Japanese fonts installed, the Japanese character is displayed as a box.

Reference: http://support.microsoft.com/kb/893663