Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • ds 191 posts 223 karma points
    Sep 27, 2011 @ 15:11
    ds
    0

    DisableRequestValidation prevents displaying the page

    I am using umbraco 4.7.0 with .net 4. I have a slideshow where my news are displayed on homepage. News source is a rss feed created by xslt. I can display and see slideshow without any problem but when you click one of the news in the slideshow, it should direct you news detail page but upon clicking I got following error.

    A potentially dangerous Request.QueryString value was 
    detected from the client (~/<link xmlns:media="...helper">  <a 
    href="/news/k...").

    I searched for that issue on the net and tried in web.config like in the following

    <httpRuntime requestValidationMode="2.0" />
    <pages validateRequest="false" />

    but those suggestion did not work out so after searching in umbraco, I found that I should add below code in the master template

    <umbraco:DisableRequestValidation runat="server"/> 

    but this time when you click one of news in slideshow, it redirects you "page not found" error page set in umbracoSettings.config.

    I also add code snippet which causes that error in xslt file

    <?xml version="1.0" encoding="UTF-8"?>
    <xsl:stylesheet
      version="1.0"
      xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
      xmlns:rssdatehelper="urn:rssdatehelper"
      xmlns:dc="http://purl.org/dc/elements/1.1/"
      xmlns:content="http://purl.org/rss/1.0/modules/content/"
      xmlns:msxml="urn:schemas-microsoft-com:xslt"
      xmlns:umbraco.library="urn:umbraco.library" xmlns:Exslt.ExsltCommon="urn:Exslt.ExsltCommon" xmlns:Exslt.ExsltDatesAndTimes="urn:Exslt.ExsltDatesAndTimes" xmlns:Exslt.ExsltMath="urn:Exslt.ExsltMath" xmlns:Exslt.ExsltRegularExpressions="urn:Exslt.ExsltRegularExpressions" xmlns:Exslt.ExsltStrings="urn:Exslt.ExsltStrings" xmlns:Exslt.ExsltSets="urn:Exslt.ExsltSets" xmlns:tagsLib="urn:tagsLib" xmlns:BlogLibrary="urn:BlogLibrary"
      xmlns:media="http://search.yahoo.com/mrss/" exclude-result-prefixes="msxml umbraco.library Exslt.ExsltCommon Exslt.ExsltDatesAndTimes Exslt.ExsltMath Exslt.ExsltRegularExpressions Exslt.ExsltStrings Exslt.ExsltSets tagsLib BlogLibrary ">


      <xsl:output method="xml" omit-xml-declaration="yes"/>
      <xsl:include href="../xslt/LanguageParameter.xslt" />
      <xsl:include href="../xslt/PropertyReferenceTranslation.xslt" />
      <xsl:param name="currentPage"/>

      <!-- Update these variables to modify the feed -->
      <xsl:variable name="RSSNoItems" select="string('200')"/>
      <xsl:variable name="RSSTitle" select="string('My sample rss')"/>
      <xsl:variable name="SiteURL" select="concat('http://', string(umbraco.library:RequestServerVariables('HTTP_HOST')))"/>
      <xsl:variable name="RSSDescription" select="string('Add your description here')"/>

      <!-- This gets all news and events and orders by updateDate to use for the pubDate in RSS feed -->
      <xsl:variable name="pubDate">
        <xsl:for-each select="$currentPage/* [@isDoc]">
          <xsl:sort select="@createDate" data-type="text" order="descending" />
          <xsl:if test="position() = 1">
            <xsl:value-of select="updateDate" />
          </xsl:if>
        </xsl:for-each>
      </xsl:variable>

      <xsl:template match="/">
        <!-- change the mimetype for the current page to xml -->
        <xsl:value-of select="umbraco.library:ChangeContentType('text/xml')"/>

        <xsl:text disable-output-escaping="yes">&lt;?xml version="1.0" encoding="UTF-8"?&gt;</xsl:text>
        <rss version="2.0"
        xmlns:media="http://search.yahoo.com/mrss/"
        xmlns:content="http://purl.org/rss/1.0/modules/content/"
        xmlns:wfw="http://wellformedweb.org/CommentAPI/"
        xmlns:dc="http://purl.org/dc/elements/1.1/">

          <channel>
            <title>
              <xsl:value-of select="$RSSTitle"/>
            </title>
            <link>
              <xsl:value-of select="$SiteURL" />
            </link>
            <pubDate>
              <xsl:value-of select="$pubDate"/>
            </pubDate>
            <generator>umbraco</generator>
            <description>
              <xsl:value-of select="$RSSDescription"/>
            </description>
            <language>en</language>

            <xsl:apply-templates select="$currentPage/* [@isDoc and string(umbracoNaviHide) != '1']">
              <xsl:sort select="@createDate" order="descending" />
            </xsl:apply-templates>
          </channel>
        </rss>

      </xsl:template>

      <xsl:template match="* [@isDoc]">
        <xsl:if test="position() &lt;= $RSSNoItems">
          <item>
            <title>
              <!--<xsl:value-of select="@nodeName"/>   -->
                      <xsl:call-template name="PropertyReferenceTranslation">
                        <xsl:with-param name="nodeId" select="@id" />
                        <xsl:with-param name="Property" select="'title'" />
                        <xsl:with-param name="langISO" select="$langISO" />
                      </xsl:call-template>      
            </title>
            <link>
              <!--<xsl:value-of select="$SiteURL"/><xsl:value-of select="umbraco.library:NiceUrl(@id)"/>-->
              <a href="{concat(umbraco.library:NiceUrl(@id), '?lang=', $langISO)}" ></a>
            </link>
            <description>
              <!--<xsl:value-of select="newsDescription" disable-output-escaping="yes"/>-->  
                     <xsl:call-template name="PropertyReferenceTranslation">
                        <xsl:with-param name="nodeId" select="@id" />
                        <xsl:with-param name="Property" select="'newsDescription'" />
                        <xsl:with-param name="langISO" select="$langISO" />
                      </xsl:call-template>
            </description>      
            <pubDate>
              <xsl:value-of select="umbraco.library:FormatDateTime(@createDate,'r')" />
            </pubDate>
            <dc:date.Taken>
              <xsl:value-of select="umbraco.library:FormatDateTime(@createDate,'r')" />
            </dc:date.Taken>
            <author>
               <xsl:value-of select="@writerName"/>
             </author>        
             <guid>
               <xsl:value-of select="$SiteURL"/>
               <xsl:value-of select="umbraco.library:NiceUrl(@id)"/>
             </guid>
            <media:content url="{umbracoFile}" />
            <media:title type="plain">
                      <xsl:call-template name="PropertyReferenceTranslation">
                        <xsl:with-param name="nodeId" select="@id" />
                        <xsl:with-param name="Property" select="'title'" />
                        <xsl:with-param name="langISO" select="$langISO" />
                      </xsl:call-template>          
              <!--<xsl:value-of select="title"/>-->  
            </media:title>
            <media:description type="html">
                      <xsl:call-template name="PropertyReferenceTranslation">
                        <xsl:with-param name="nodeId" select="@id" />
                        <xsl:with-param name="Property" select="'newsDescription'" />
                        <xsl:with-param name="langISO" select="$langISO" />
                      </xsl:call-template>
              <!--<xsl:value-of select="newsDescription"/>-->  
            </media:description>
            <media:credit role="Software Developer">*</media:credit>     
          </item>
        </xsl:if>
      </xsl:template>

    </xsl:stylesheet>
  • ds 191 posts 223 karma points
    Sep 28, 2011 @ 08:09
    ds
    0

    Any idea?

  • umbracocool 108 posts 197 karma points
    Mar 23, 2013 @ 18:01
    umbracocool
    0

    Hello friend!. I tell you that I read your problem, which also happened to me. What I did was I put in your code:

    <%@ Master Language="C#" MasterPageFile="~/umbraco/masterpages/default.master" AutoEventWireup="true" %>
    <asp:Content ContentPlaceHolderID="ContentPlaceHolderDefault" runat="server">
    <umbraco:DisableRequestValidation runat="server"/> 

    <!--MY CODE HTML-->

    </asp:Content>

    and it works great!.Thank you!

Please Sign in or register to post replies

Write your reply to:

Draft