More in this section
Forums / Security / Error Message

Error Message

The forums are in read-only mode. In case that you want to directly contact the Progress Sitefinity team use the support center. In our Google Plus group you can find more than one thousand Sitefinity developers discussing different topics. For the Stack Overflow threads don’t forget to use the “Sitefinity” tag.
2 posts, 0 answered
  1. Leon Williams
    Leon Williams avatar
    20 posts
    Registered:
    18 Mar 2010
    08 Jun 2011
    Link to this post
    I am getting hundreds of these errors being generated from my website daily.  What is the problem?  and what does this error mean, and how do I resolve it.  Does this mean someone is trying to hack my website?

    ******

    The following error occurred:

    Message: A potentially dangerous Request.Form value was detected from the client (ctl00$SiteSearch1$txtKeywords="<a href="http://ntdp...").

     Request Url:http://greenguard.org/sitefinity/cmsentrypoint.aspx

    Url IP:212.129.66.131

     Url Referrer:http://greenguard.org/en/about/about_pressroom/about_pressreleases/10-06-18/06_18_10_GREENGUARD_Environmental_Institute_Launches_International_Presence_Opens_Asia-Pacific_Headquarters_in_Beijing_China.aspx

     

     Stack Trace:

       at System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName)

       at System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName)

       at System.Web.HttpRequest.get_Form()

       at System.Web.HttpRequest.get_HasForm()

       at System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull)

       at System.Web.UI.Page.DeterminePostBackMode()

       at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

       at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

       at System.Web.UI.Page.ProcessRequest()

       at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)

       at System.Web.UI.Page.ProcessRequest(HttpContext context)

       at ASP.sitefinity_cmsentrypoint_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\b674d4af\47ab258d\App_Web_bz7j37di.0.cs:line 0

       at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

       at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) Target Site: Void ValidateString(System.String, System.String, System.String)

    Source: System.Web

     Request.ServerVariables

     

    ALL_HTTP = HTTP_CONNECTION:Keep-Alive

    HTTP_CONTENT_LENGTH:24281

    HTTP_CONTENT_TYPE:application/x-www-form-urlencoded

    HTTP_ACCEPT:image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* HTTP_ACCEPT_ENCODING:gzip, deflate HTTP_ACCEPT_LANGUAGE:en

    HTTP_COOKIE:ASP.NET_SessionId=l1aajnuij4cwzkn5hbnbq345

    HTTP_HOST:greenguard.org

    HTTP_REFERER:http://greenguard.org/en/about/about_pressroom/about_pressreleases/10-06-18/06_18_10_GREENGUARD_Environmental_Institute_Launches_International_Presence_Opens_Asia-Pacific_Headquarters_in_Beijing_China.aspx

    HTTP_USER_AGENT:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) HTTP_X_BLUECOAT_VIA:2F27E9096B73167C

     

    ALL_RAW = Connection: Keep-Alive

    Content-Length: 24281

    Content-Type: application/x-www-form-urlencoded

    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*

    Accept-Encoding: gzip, deflate

    Accept-Language: en

    Cookie: ASP.NET_SessionId=l1aajnuij4cwzkn5hbnbq345

    Host: greenguard.org

    Referer: http://greenguard.org/en/about/about_pressroom/about_pressreleases/10-06-18/06_18_10_GREENGUARD_Environmental_Institute_Launches_International_Presence_Opens_Asia-Pacific_Headquarters_in_Beijing_China.aspx

    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

    X-BlueCoat-Via: 2F27E9096B73167C

     

    APPL_MD_PATH = /LM/W3SVC/2/ROOT

    APPL_PHYSICAL_PATH = C:\WebSites\www.greenguard.org\ AUTH_TYPE = AUTH_USER = AUTH_PASSWORD = LOGON_USER = REMOTE_USER = CERT_COOKIE = CERT_FLAGS = CERT_ISSUER = CERT_KEYSIZE = CERT_SECRETKEYSIZE = CERT_SERIALNUMBER = CERT_SERVER_ISSUER = CERT_SERVER_SUBJECT = CERT_SUBJECT = CONTENT_LENGTH = 24281 CONTENT_TYPE = application/x-www-form-urlencoded GATEWAY_INTERFACE = CGI/1.1 HTTPS = off HTTPS_KEYSIZE = HTTPS_SECRETKEYSIZE = HTTPS_SERVER_ISSUER = HTTPS_SERVER_SUBJECT = INSTANCE_ID = 2 INSTANCE_META_PATH = /LM/W3SVC/2 LOCAL_ADDR = 10.5.20.10 PATH_INFO = /sitefinity/cmsentrypoint.aspx PATH_TRANSLATED = C:\WebSites\www.greenguard.org\sitefinity\cmsentrypoint.aspx

    QUERY_STRING =

    REMOTE_ADDR = 212.129.66.131

    REMOTE_HOST = 212.129.66.131

    REMOTE_PORT = 62855

    REQUEST_METHOD = POST

    SCRIPT_NAME = /sitefinity/cmsentrypoint.aspx SERVER_NAME = greenguard.org SERVER_PORT = 80 SERVER_PORT_SECURE = 0 SERVER_PROTOCOL = HTTP/1.1 SERVER_SOFTWARE = Microsoft-IIS/7.0 URL = /sitefinity/cmsentrypoint.aspx HTTP_CONNECTION = Keep-Alive HTTP_CONTENT_LENGTH = 24281 HTTP_CONTENT_TYPE = application/x-www-form-urlencoded HTTP_ACCEPT = image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* HTTP_ACCEPT_ENCODING = gzip, deflate HTTP_ACCEPT_LANGUAGE = en HTTP_COOKIE = ASP.NET_SessionId=l1aajnuij4cwzkn5hbnbq345

    HTTP_HOST = greenguard.org

    HTTP_REFERER = http://greenguard.org/en/about/about_pressroom/about_pressreleases/10-06-18/06_18_10_GREENGUARD_Environmental_Institute_Launches_International_Presence_Opens_Asia-Pacific_Headquarters_in_Beijing_China.aspx

    HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) HTTP_X_BLUECOAT_VIA = 2F27E9096B73167C

    ****

    Any help with this is appreciated,
    Thanks
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    08 Jun 2011
    Link to this post
    Hello ,

    It looks like that someone is pasting a link inside the TextBox of the SearchResult control and ASP.NET blocks the submit of this form, because it contains < which is considered as a tag that could contain script.

    Kind regards,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
2 posts, 0 answered