Strange character [Â] appearing in file.

Hi All,

I have an ASP.NET application which opens a text file and then saves it again.
This saved file is then passed into another software suite (not ASP.NET) for processing.
This secondary suite expects the lines in the file to be a certain length (legacy).

All text is transferred between the files correctly, except for where a uk pound sign [￡] appears in the original file.

This character is NOT transferredusing the default StreamReader/Writer.

I havetriedchanging the encoding of both the StreamReader and the StreamWriter butcannot find one which does the job as expected, changing the reader toASCII and leaving the default writer is the closest but not withoutissues.
Where thiscondition occurs, the resulting saved file, in the place where theoriginal pound sign was displayed shows 2 (!) characters ?￡.

This extra ? [alt + 0194] character is not seen by Notepad, not visiblewhen debugging, but is there, as it affects the fixed length recordprocessing mentioned above, and can be seen in other text editors suchas Wordpad, DocPad etc.

Please help, this is causing some despair!

Thanks and Regards,
Ric

The following code sample demonstrates my point...
[A file c:\testInput.txt is also required with a line in it that contains a ￡ sign]
eg. 111111111111111￡1111111111
[A file c:\testOutput.txt is created to demonstrate the point.]

Sub Main()

'file access vars
Dim fsRead As FileStream
Dim fsWrite As FileStream
Dim sr As StreamReader
Dim sw As StreamWriter

'The file to read from
Dim inputFile As String = "c:\testInput.txt"
Dim outputFile As String = "c:\testOutput.txt"

'Create the FileStream : INPUT
Try
fsRead = New FileStream(inputFile, FileMode.Open, FileAccess.Read,FileShare.Read)
Catch ex As Exception
End Try

'Create the StreamReader
Try
sr = New StreamReader(fsRead, System.Text.Encoding.ASCII)
Catch ex As Exception
End Try

'Create the FileStream : OUTPUT
Try
fsWrite = New FileStream(outputFile, FileMode.OpenOrCreate,FileAccess.Write, FileShare.ReadWrite)
Catch ex As Exception
End Try

'Create the StreamWriter
Try
sw = New StreamWriter(fsWrite)
Catch ex As Exception
End Try

Dim s As String
Dim replaced As String
While sr.Peek <> -1

'read a line form the input file
s = sr.ReadLine()

'substitute the misread ? characters into ￡ signs
replaced = Replace(s, "?", "￡")

'move to the end of the file
sw.BaseStream.Seek(0, SeekOrigin.End)

'and write the string to the output file
sw.Write(replaced & vbCrLf)

End While

'Clear up...
Try
sw.Flush()
sw.Close()
fsWrite.Close()

sr.Close()
fsRead.Close()

Catch ex As Exception
End Try

'and dispose
sw = Nothing
sr = Nothing
fsRead = Nothing
fsWrite = Nothing

End Sub

Solution:

When reading/writing plain text files using file streams on a Windows box you should specify an Encoding.

The Encoding can be created using the following code:
[1252 is the Western Windows codepage]

Dim encAs System.Text.Encoding
enc = System.Text.Encoding.GetEncoding(1252)

You can then specify this encoding to be used when creating the StreamReader/StreamWriter.

All characters (even the uk pound sign ￡) will then be correctly read/written by the streams.

Hope this helps,
Ric

Strange character transformations

Hi,

I have an ASP.Net website, which allows users to upload a file which is
then inserted into a database.

This is all fine until it reads a line with the string +Anu in it.
It transforms this to this char ? (which, if Googled for, is
described as Unicode Character 'LATIN SMALL LETTER TURNED R WITH HOOK'
(U+027B) or, in Phonetics, as a 'Retroflex approximant'.)

Has anyone seen this behaviour before, and know how to stop it?
The code's simple - here's an example. The ? appears in the output
where the input is +Anu - it's transformed before I can touch it!

using (StreamReader sr = new StreamReader(strFile,
System.Text.Encoding.UTF7)) {
// Read and display lines from the file until the end of the file is
reached.
while ((line = sr.ReadLine()) != null) {
Response.Write(line);
}
}

Regards

AdamLooks like an encoding issue, alright.
Have you tried using the StreamReader constructor that does not require a
character encoding?

"CyberSpyders@.gmail.com" wrote:

Quote:

Originally Posted by

Hi,
>
I have an ASP.Net website, which allows users to upload a file which is
then inserted into a database.
>
This is all fine until it reads a line with the string +Anu in it.
It transforms this to this char ? (which, if Googled for, is
described as Unicode Character 'LATIN SMALL LETTER TURNED R WITH HOOK'
(U+027B) or, in Phonetics, as a 'Retroflex approximant'.)
>
Has anyone seen this behaviour before, and know how to stop it?
The code's simple - here's an example. The ? appears in the output
where the input is +Anu - it's transformed before I can touch it!
>
using (StreamReader sr = new StreamReader(strFile,
System.Text.Encoding.UTF7)) {
// Read and display lines from the file until the end of the file is
reached.
while ((line = sr.ReadLine()) != null) {
Response.Write(line);
}
}
>
Regards
>
Adam
>
>

Graven,

I'm not sure how a 4 letter string like this could be seen as an
encoding issue, but I will certainly give it a go. Thanks for the
suggestion.

Adam

Graven wrote:

Quote:

Originally Posted by

Try to use plain latin-1 encoding. I think it's an unicode
normalization issue, but don't know if StreamReader performs it by
default.
>
>
CyberSpyders@.gmail.com wrote:

Quote:

Originally Posted by

Hi,

I have an ASP.Net website, which allows users to upload a file which is
then inserted into a database.

This is all fine until it reads a line with the string +Anu in it.
It transforms this to this char ? (which, if Googled for, is
described as Unicode Character 'LATIN SMALL LETTER TURNED R WITH HOOK'
(U+027B) or, in Phonetics, as a 'Retroflex approximant'.)

Has anyone seen this behaviour before, and know how to stop it?
The code's simple - here's an example. The ? appears in the output
where the input is +Anu - it's transformed before I can touch it!

using (StreamReader sr = new StreamReader(strFile,
System.Text.Encoding.UTF7)) {
// Read and display lines from the file until the end of the file is
reached.
while ((line = sr.ReadLine()) != null) {
Response.Write(line);
}
}

Regards

Adam

Larry,

You were spot on - changing to UTF8 stopped this transformation. Thanks

It's not quite solved my problem though.
The file is a Text file, each line being a series of files delimited by
the character, as this was unliekley to ever appear in the actual
data.

Unfortunately, UTF8 encoding strips these characters completely. ASCII
encoding, on the other hand, replaces them with ?

Oh the joy of character encoding.

Regards

Adam

Larry Lard wrote:

Quote:

Originally Posted by

This is why you are seeing what you are seeing. UTF7 encodes characters
outside the printable 7 bit range using UTF16 then modified base64, with
+ as the indicator mark for this encoding. I haven't checked, but I
imagine +Anu is the UTF7 encoding of that character. You shouldn't use a
UTF7 reader to read a file that you don't know for sure was produced by
a UTF7 writer.
>
The correct way to read the file depends on what kind of file it is. If
it is text of an unknown encoding, there is no way to be absolutely
sure, but UTF8 is a good starting point. If it's binary data, you
shouldn't be using a TextReader class at all.

Strange characters displayed in file name - File Download Dialog - IE

I don't know what else to try - In my asp.net app, when the file name has
Windows-1252 characters (like and ), these characters appear, each one,
as two strange characters in the file name label in Internet Explorer File
Download Dialog that is shown when I click a link to download the file. The
file content is being generated on-the-fly using asp.net and the filename is
being passed using a call to Response.AddHeader with the strings
"Content-Disposition" and "attachment; filename=" + filename.

I want the file name to display correctly, as it DOES when I click a link in
a test HTML file that points to a "real" file stored in the system.

I tried setting Response.ContentEncoding but all my atempts were
unsuccessful.
I have also searched the net, specially google groups for an answer but I
couldn't find.

Thank you in advance,

Daniel CardosoAfer trying a little bit more, I decided to analyze the HTTP response
generated by the server in response to a request to download the file. I
then realized that the special characters were being wrongly represented and
sent to the client. I had to use Server.UrlEncode to encode the file name
appropriately, in addition to setting Response.ContentEncoding, so that the
special symbols were correctly sent to the browser. The problem is now
solved.

Regards,

Daniel Cardoso

"Daniel Cardoso" <someone@.nospam.com> wrote in message
news:uMYy4yXoEHA.2636@.TK2MSFTNGP09.phx.gbl...
> I don't know what else to try - In my asp.net app, when the file name has
> Windows-1252 characters (like and ), these characters appear, each one,
> as two strange characters in the file name label in Internet Explorer File
> Download Dialog that is shown when I click a link to download the file.
The
> file content is being generated on-the-fly using asp.net and the filename
is
> being passed using a call to Response.AddHeader with the strings
> "Content-Disposition" and "attachment; filename=" + filename.
> I want the file name to display correctly, as it DOES when I click a link
in
> a test HTML file that points to a "real" file stored in the system.
> I tried setting Response.ContentEncoding but all my atempts were
> unsuccessful.
> I have also searched the net, specially google groups for an answer but I
> couldn't find.
> Thank you in advance,
> Daniel Cardoso

Strange characters displayed in file name - File Download Dialog - IE

I don't know what else to try - In my asp.net app, when the file name has
Windows-1252 characters (like and ), these characters appear, each one,
as two strange characters in the file name label in Internet Explorer File
Download Dialog that is shown when I click a link to download the file. The
file content is being generated on-the-fly using asp.net and the filename is
being passed using a call to Response.AddHeader with the strings
"Content-Disposition" and "attachment; filename=" + filename.
I want the file name to display correctly, as it DOES when I click a link in
a test HTML file that points to a "real" file stored in the system.
I tried setting Response.ContentEncoding but all my atempts were
unsuccessful.
I have also searched the net, specially google groups for an answer but I
couldn't find.
Thank you in advance,
Daniel CardosoAfer trying a little bit more, I decided to analyze the HTTP response
generated by the server in response to a request to download the file. I
then realized that the special characters were being wrongly represented and
sent to the client. I had to use Server.UrlEncode to encode the file name
appropriately, in addition to setting Response.ContentEncoding, so that the
special symbols were correctly sent to the browser. The problem is now
solved.
Regards,
Daniel Cardoso
"Daniel Cardoso" <someone@.nospam.com> wrote in message
news:uMYy4yXoEHA.2636@.TK2MSFTNGP09.phx.gbl...
> I don't know what else to try - In my asp.net app, when the file name has
> Windows-1252 characters (like and ), these characters appear, each one,
> as two strange characters in the file name label in Internet Explorer File
> Download Dialog that is shown when I click a link to download the file.
The
> file content is being generated on-the-fly using asp.net and the filename
is
> being passed using a call to Response.AddHeader with the strings
> "Content-Disposition" and "attachment; filename=" + filename.
> I want the file name to display correctly, as it DOES when I click a link
in
> a test HTML file that points to a "real" file stored in the system.
> I tried setting Response.ContentEncoding but all my atempts were
> unsuccessful.
> I have also searched the net, specially google groups for an answer but I
> couldn't find.
> Thank you in advance,
> Daniel Cardoso
>

Strange download problem!

Hi! everybody,

I'm facing a quite strange download problem. I use the following code to
download an XML file to client side:

With Response
' clear buffer
Call .Clear()

' specify the type of the downloadable file
.ContentType = "application/octet-stream" ' I have
also tried to change this statement to Response.ContentType = "Text/XML"
, but the result is same

' det the default filename in the FileDownload dialog box
Call .AddHeader("Content-Disposition", "attachment;
filename=""Download.XML""")

' force to flush buffer
Call .Flush()

' download the file
Call .WriteFile("Original.XML")
End With

When the download is finished, I found that some HTML code are attached to
the end of my original XML statements in download file. The HTML code is
what exact the form just before download. I would like to know what causes
this result and the solution. Certainly, I need the XML content only.

Thanks for your attention and kindly advice!

Regards,
JamesOne suggestion, try Response.Write(file) instead of writefile, that may cure
the ailment.

--

----
Got TidBits?
Get it here: www.networkip.net/tidbits
"James Wong" <cp_msdn@.commercialpress.com.hk.NO_SPAM> wrote in message
news:ezSMNkYrDHA.2600@.TK2MSFTNGP09.phx.gbl...
> Hi! everybody,
> I'm facing a quite strange download problem. I use the following code to
> download an XML file to client side:
> With Response
> ' clear buffer
> Call .Clear()
> ' specify the type of the downloadable file
> .ContentType = "application/octet-stream" ' I have
> also tried to change this statement to Response.ContentType = "Text/XML"
> , but the result is same
> ' det the default filename in the FileDownload dialog box
> Call .AddHeader("Content-Disposition", "attachment;
> filename=""Download.XML""")
> ' force to flush buffer
> Call .Flush()
> ' download the file
> Call .WriteFile("Original.XML")
> End With
> When the download is finished, I found that some HTML code are attached to
> the end of my original XML statements in download file. The HTML code is
> what exact the form just before download. I would like to know what
causes
> this result and the solution. Certainly, I need the XML content only.
> Thanks for your attention and kindly advice!
> Regards,
> James
Alvin,

Thanks for your response. But even I change it to Response.Write, the
strange behavior still be there.

Regards,
James

"Alvin Bruney" <vapordan_spam_me_not@.hotmail_no_spamhotmail.com> bl
news:ebZTV6YrDHA.2416@.TK2MSFTNGP10.phx.gbl g...
> One suggestion, try Response.Write(file) instead of writefile, that may
cure
> the ailment.
Hello James,

Thanks for posting in the group.

Please try adding Call.End() before "End With" to see if it works.

I used the following code and it works great for me:

string filename = "C:\MyFolder\MyFile.xml";
System.IO.FileInfo file = new System.IO.FileInfo(fileName);
Response.Clear(); // clear the current output content from the buffer
Response.AppendHeader("Content-Disposition", "attachment; filename=" +
file.Name);
Response.AppendHeader("Content-Length", file.Length.ToString());
Response.ContentType = "application/octet-stream";
Response.WriteFile(file.FullName);
Response.End();

Does that answer your question? If the problem is still there, please feel
free to post here.

Best regards,
Yanhong Huang
Microsoft Online Partner Support

Get Secure! C www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
After call Call .WriteFile("Original.XML") type
Response.End();
Will work.

Thanks,

sswalia
MCSD, MCAD, OCA

"James Wong" <cp_msdn@.commercialpress.com.hk.NO_SPAM> wrote in message
news:ezSMNkYrDHA.2600@.TK2MSFTNGP09.phx.gbl...
> Hi! everybody,
> I'm facing a quite strange download problem. I use the following code to
> download an XML file to client side:
> With Response
> ' clear buffer
> Call .Clear()
> ' specify the type of the downloadable file
> .ContentType = "application/octet-stream" ' I have
> also tried to change this statement to Response.ContentType = "Text/XML"
> , but the result is same
> ' det the default filename in the FileDownload dialog box
> Call .AddHeader("Content-Disposition", "attachment;
> filename=""Download.XML""")
> ' force to flush buffer
> Call .Flush()
> ' download the file
> Call .WriteFile("Original.XML")
> End With
> When the download is finished, I found that some HTML code are attached to
> the end of my original XML statements in download file. The HTML code is
> what exact the form just before download. I would like to know what
causes
> this result and the solution. Certainly, I need the XML content only.
> Thanks for your attention and kindly advice!
> Regards,
> James
Hi! Yanhong and SSW,

Thanks for your reply! I works by adding Call .End() and solve my problem.

However, there is a side-effect by doing so. Threading.ThreadAbortException
is fired once the .End() method is called. My workround is to handle this
exception and put all remaining statements after the .End() method under
this exception handling routine. Do you have a better idea to overcome this
side-effect?

Anyway, thanks for your effort!

Regards,
James

"Yan-Hong Huang[MSFT]" <yhhuang@.online.microsoft.com> bl
news:PFz0azZrDHA.1544@.cpmsftngxa06.phx.gbl g...
> Hello James,
> Thanks for posting in the group.
> Please try adding Call.End() before "End With" to see if it works.
> I used the following code and it works great for me:
> string filename = "C:\MyFolder\MyFile.xml";
> System.IO.FileInfo file = new System.IO.FileInfo(fileName);
> Response.Clear(); // clear the current output content from the buffer
> Response.AppendHeader("Content-Disposition", "attachment; filename=" +
> file.Name);
> Response.AppendHeader("Content-Length", file.Length.ToString());
> Response.ContentType = "application/octet-stream";
> Response.WriteFile(file.FullName);
> Response.End();
> Does that answer your question? If the problem is still there, please feel
> free to post here.
> Best regards,
> Yanhong Huang
> Microsoft Online Partner Support
> Get Secure! C www.microsoft.com/security
> This posting is provided "AS IS" with no warranties, and confers no
rights.
Hello

Put the remaining state after the .End() statement. The .NET Framework will
handle the ThreadAbortException

Best regards
Sherif

"James Wong" <cp_msdn@.commercialpress.com.hk.NO_SPAM> wrote in message
news:#mepTgarDHA.1488@.TK2MSFTNGP12.phx.gbl...
> Hi! Yanhong and SSW,
> Thanks for your reply! I works by adding Call .End() and solve my
problem.
> However, there is a side-effect by doing so.
Threading.ThreadAbortException
> is fired once the .End() method is called. My workround is to handle this
> exception and put all remaining statements after the .End() method under
> this exception handling routine. Do you have a better idea to overcome
this
> side-effect?
> Anyway, thanks for your effort!
> Regards,
> James
> "Yan-Hong Huang[MSFT]" <yhhuang@.online.microsoft.com> bl
> news:PFz0azZrDHA.1544@.cpmsftngxa06.phx.gbl g...
> > Hello James,
> > Thanks for posting in the group.
> > Please try adding Call.End() before "End With" to see if it works.
> > I used the following code and it works great for me:
> > string filename = "C:\MyFolder\MyFile.xml";
> > System.IO.FileInfo file = new System.IO.FileInfo(fileName);
> > Response.Clear(); // clear the current output content from the buffer
> > Response.AppendHeader("Content-Disposition", "attachment; filename=" +
> > file.Name);
> > Response.AppendHeader("Content-Length", file.Length.ToString());
> > Response.ContentType = "application/octet-stream";
> > Response.WriteFile(file.FullName);
> > Response.End();
> > Does that answer your question? If the problem is still there, please
feel
> > free to post here.
> > Best regards,
> > Yanhong Huang
> > Microsoft Online Partner Support
> > Get Secure! C www.microsoft.com/security
> > This posting is provided "AS IS" with no warranties, and confers no
> rights.
Hello, Sherif,

I have my own exceptional handler which handles all unexpected exceptions.
So if I don't handle it, this exception will fire my default exceptional
handling routine which logs exception details in my self-defined log and
also sends an e-mail to me. That's why I have to handle it. Do you think
there is other better workaround?

Regards,
James

"Sherif ElMetainy" <elmeteny.NOSPAM@.wayout.net.NOSPAM> bl
news:es0vEfbrDHA.1408@.TK2MSFTNGP11.phx.gbl g...
> Hello
> Put the remaining state after the .End() statement. The .NET Framework
will
> handle the ThreadAbortException
> Best regards
> Sherif
> "James Wong" <cp_msdn@.commercialpress.com.hk.NO_SPAM> wrote in message
> news:#mepTgarDHA.1488@.TK2MSFTNGP12.phx.gbl...
> > Hi! Yanhong and SSW,
> > Thanks for your reply! I works by adding Call .End() and solve my
> problem.
> > However, there is a side-effect by doing so.
> Threading.ThreadAbortException
> > is fired once the .End() method is called. My workround is to handle
this
> > exception and put all remaining statements after the .End() method under
> > this exception handling routine. Do you have a better idea to overcome
> this
> > side-effect?
> > Anyway, thanks for your effort!
> > Regards,
> > James
> > "Yan-Hong Huang[MSFT]" <yhhuang@.online.microsoft.com> bl
> > news:PFz0azZrDHA.1544@.cpmsftngxa06.phx.gbl g...
> > > Hello James,
> > > > Thanks for posting in the group.
> > > > Please try adding Call.End() before "End With" to see if it works.
> > > > I used the following code and it works great for me:
> > > > string filename = "C:\MyFolder\MyFile.xml";
> > > System.IO.FileInfo file = new System.IO.FileInfo(fileName);
> > > Response.Clear(); // clear the current output content from the buffer
> > > Response.AppendHeader("Content-Disposition", "attachment; filename=" +
> > > file.Name);
> > > Response.AppendHeader("Content-Length", file.Length.ToString());
> > > Response.ContentType = "application/octet-stream";
> > > Response.WriteFile(file.FullName);
> > > Response.End();
> > > > Does that answer your question? If the problem is still there, please
> feel
> > > free to post here.
> > > > Best regards,
> > > Yanhong Huang
> > > Microsoft Online Partner Support
> > > > Get Secure! C www.microsoft.com/security
> > > This posting is provided "AS IS" with no warranties, and confers no
> > rights.
>
Hello

ThreadAbortException is special in that even if your handler catches it, it
will be rethrown again at the end of the catch block, unless you call
Thread.ResetAbort(). In your case it is not appropriate to call
ResetAbort(), because this means the rendering of the page will continue.
If you don't want to call Response.End() which throws the
ThreadAbortException, you can override the Render Method and not call the
base class Render method.

Best regards
Sherif

"James Wong" <cp_msdn@.commercialpress.com.hk.NO_SPAM> wrote in message
news:eJqBmzbrDHA.3732@.tk2msftngp13.phx.gbl...
> Hello, Sherif,
> I have my own exceptional handler which handles all unexpected exceptions.
> So if I don't handle it, this exception will fire my default exceptional
> handling routine which logs exception details in my self-defined log and
> also sends an e-mail to me. That's why I have to handle it. Do you think
> there is other better workaround?
> Regards,
> James
> "Sherif ElMetainy" <elmeteny.NOSPAM@.wayout.net.NOSPAM> bl
> news:es0vEfbrDHA.1408@.TK2MSFTNGP11.phx.gbl g...
> > Hello
> > Put the remaining state after the .End() statement. The .NET Framework
> will
> > handle the ThreadAbortException
> > Best regards
> > Sherif
> > "James Wong" <cp_msdn@.commercialpress.com.hk.NO_SPAM> wrote in message
> > news:#mepTgarDHA.1488@.TK2MSFTNGP12.phx.gbl...
> > > Hi! Yanhong and SSW,
> > > > Thanks for your reply! I works by adding Call .End() and solve my
> > problem.
> > > > However, there is a side-effect by doing so.
> > Threading.ThreadAbortException
> > > is fired once the .End() method is called. My workround is to handle
> this
> > > exception and put all remaining statements after the .End() method
under
> > > this exception handling routine. Do you have a better idea to
overcome
> > this
> > > side-effect?
> > > > Anyway, thanks for your effort!
> > > > Regards,
> > > James
> > > > "Yan-Hong Huang[MSFT]" <yhhuang@.online.microsoft.com> bl
> > > news:PFz0azZrDHA.1544@.cpmsftngxa06.phx.gbl g...
> > > > Hello James,
> > > > > > Thanks for posting in the group.
> > > > > > Please try adding Call.End() before "End With" to see if it works.
> > > > > > I used the following code and it works great for me:
> > > > > > string filename = "C:\MyFolder\MyFile.xml";
> > > > System.IO.FileInfo file = new System.IO.FileInfo(fileName);
> > > > Response.Clear(); // clear the current output content from the
buffer
> > > > Response.AppendHeader("Content-Disposition", "attachment; filename="
+
> > > > file.Name);
> > > > Response.AppendHeader("Content-Length", file.Length.ToString());
> > > > Response.ContentType = "application/octet-stream";
> > > > Response.WriteFile(file.FullName);
> > > > Response.End();
> > > > > > Does that answer your question? If the problem is still there,
please
> > feel
> > > > free to post here.
> > > > > > Best regards,
> > > > Yanhong Huang
> > > > Microsoft Online Partner Support
> > > > > > Get Secure! C www.microsoft.com/security
> > > > This posting is provided "AS IS" with no warranties, and confers no
> > > rights.
> > > >
Hello James,

Thanks for your response.

The Response.End method ends the page execution and shifts the execution to
the Application_EndRequest event in the application's event pipeline. The
line of code that follows Response.End is not executed. So
ThreadAbortException exception occurs.

To work around this problem, For Response.End, call the
ApplicationInstance.CompleteRequest method instead of Response.End to
bypass the code execution to the Application_EndRequest event.

For detailed info on it, please refer to MSDN article:
"PRB: ThreadAbortException Occurs If You Use Response.End,
Response.Redirect, or Server.Transfer"
http://support.microsoft.com/?id=312629

Does that answer your questoin?

Best regards,
Yanhong Huang
Microsoft Online Partner Support

Get Secure! C www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
Hello Yan-Hong,

Thanks for you reply again!

I think this is a quite interesting case since when I use
ApplicationInstance.CompleteRequest instead of Response.End, no more
exception is captured. However, the original problem, HTML codes are
included in the downloaded file, comes again!

Until now, I think using Reponse.End with additional exceptional handler (in
which the remaining codes after Response.End are there) may be the best way
to solve my problem.

If you have any other good idea, please let me know and share with all
others here.

Regards,
James

"Yan-Hong Huang[MSFT]" <yhhuang@.online.microsoft.com> bl
news:Yxq4fBlrDHA.1212@.cpmsftngxa06.phx.gbl g...
> Hello James,
> Thanks for your response.
> The Response.End method ends the page execution and shifts the execution
to
> the Application_EndRequest event in the application's event pipeline. The
> line of code that follows Response.End is not executed. So
> ThreadAbortException exception occurs.
> To work around this problem, For Response.End, call the
> ApplicationInstance.CompleteRequest method instead of Response.End to
> bypass the code execution to the Application_EndRequest event.
> For detailed info on it, please refer to MSDN article:
> "PRB: ThreadAbortException Occurs If You Use Response.End,
> Response.Redirect, or Server.Transfer"
> http://support.microsoft.com/?id=312629
> Does that answer your questoin?
> Best regards,
> Yanhong Huang
> Microsoft Online Partner Support
> Get Secure! C www.microsoft.com/security
> This posting is provided "AS IS" with no warranties, and confers no
rights.
Hello Sherif,

Thanks again for your reply!

Do you mean that I should put all remaining codes outside the
Try...Catch...End Try block? On the other hand, I don't understand what
class's Render method you suggest me to override.

Regards,
James

"Sherif ElMetainy" <elmeteny.NOSPAM@.wayout.net.NOSPAM> bl
news:OOAFiVcrDHA.2304@.TK2MSFTNGP11.phx.gbl g...
> Hello
> ThreadAbortException is special in that even if your handler catches it,
it
> will be rethrown again at the end of the catch block, unless you call
> Thread.ResetAbort(). In your case it is not appropriate to call
> ResetAbort(), because this means the rendering of the page will continue.
> If you don't want to call Response.End() which throws the
> ThreadAbortException, you can override the Render Method and not call the
> base class Render method.
> Best regards
> Sherif
Hi James,

Just now I found this good article for you. :)

It contains a good sample in ASP.NET on how to download and upload file.

"Downloading and Uploading Files"
http://msdn.microsoft.com/library/e...pmig-downloadin
ganduploading.asp?frame=true#aspnet-jspmig-downloadinganduploading_topic6

Hope that helps.

Best regards,
Yanhong Huang
Microsoft Online Partner Support

Get Secure! C www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
Hi Yan-Hong,

Thanks again for your effort on my problem. I'll study the document to
solve my problem.

Regards,
James

"Yan-Hong Huang[MSFT]" <yhhuang@.online.microsoft.com> bl
news:CjFnTunrDHA.1716@.cpmsftngxa06.phx.gbl g...
> Hi James,
> Just now I found this good article for you. :)
> It contains a good sample in ASP.NET on how to download and upload file.
> "Downloading and Uploading Files"
http://msdn.microsoft.com/library/e...pmig-downloadin
> ganduploading.asp?frame=true#aspnet-jspmig-downloadinganduploading_topic6
> Hope that helps.
> Best regards,
> Yanhong Huang
> Microsoft Online Partner Support
> Get Secure! C www.microsoft.com/security
> This posting is provided "AS IS" with no warranties, and confers no
rights.
Hi James,

It is my pleasure. :)

Thanks very much for participating the community.

Best regards,
Yanhong Huang
Microsoft Online Partner Support

Get Secure! C www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.

Strange Error - When Subfolder is converted to virutal folder

Let me explain step wise.
1.. I have a site running on port 5555
2.. If contains web.config file with contains <Forms> authentication.
3.. The site contains a sub-folder named "MembersArea" which contains ss.aspx
4.. ss.aspx contains page_load event which prints
Response.Write(Page.User.Identity.Name);
5.. Everything work proper untill here
6.. Now i want to have one more web.config file for folder "MembersArea" , I know i just cannot put web.config file into any sub-folder unless the folder is a "virtual folder"
7.. so i converted the "subfolder" into "virtual folder" from IIS Manager. (Note: I have not yet created any web.config in this subfolder)
8.. Now when i try to execute ss.aspx it throws strange error ... ( you can see the screen dump in the attached file)
9.. The Erorr message is: "Could not load type 'hs.ss'."
10.. When i remove the "virtual folder" it works again.
Can some one tell me what's actuall happening.When you set up another virtual folder, the ASP.NET runtime thinks that you
have an entirely separate ASP.NET application, and any data from the root
application is no longer available to you. In this case, your compiled code
is sitting in the root directory's bin subdirectory, and is not accessible
to the new application that you have created. Just leave it set up to not be
a virtual folder, and you will be fine. Also, you are absolutely able to
override settings in the web.config of your child folders - there are some
settings that are only held at the root level, these settings are inherited,
and you simply override those settings you need modified for a subfolder.
Most commonly, what I do is change access permissions for subfolders in a
child web.config, and leave everything else as the inherited values.

--
Chris Jackson
Software Engineer
Microsoft MVP - Windows Client
Windows XP Associate Expert
--
More people read the newsgroups than read my email.
Reply to the newsgroup for a faster response.
(Control-G using Outlook Express)
--

<Jignesh> wrote in message news:OAA5puswDHA.1088@.tk2msftngp13.phx.gbl...
Let me explain step wise.
1.. I have a site running on port 5555
2.. If contains web.config file with contains <Forms> authentication.
3.. The site contains a sub-folder named "MembersArea" which contains
ss.aspx
4.. ss.aspx contains page_load event which prints
Response.Write(Page.User.Identity.Name);
5.. Everything work proper untill here
6.. Now i want to have one more web.config file for folder "MembersArea" ,
I know i just cannot put web.config file into any sub-folder unless the
folder is a "virtual folder"
7.. so i converted the "subfolder" into "virtual folder" from IIS
Manager. (Note: I have not yet created any web.config in this subfolder)
8.. Now when i try to execute ss.aspx it throws strange error ... ( you
can see the screen dump in the attached file)
9.. The Erorr message is: "Could not load type 'hs.ss'."
10.. When i remove the "virtual folder" it works again.
Can some one tell me what's actuall happening.
I have a situation as follows. please suggest what shall i do.
a.. To login into the main site users need passwords. Its simple i have done this using asp.net forms authentication method.
b.. The site has "admin" section. which is to be protected by one more password level. Even if the user tries to access any admin pages directly by typing in url it should ask user "special" password to access pages.
c.. I thought by making it virtual directory i will be able to add web.config file with <authentication> tags for this sub-virtual folder.
But now it seems it will not be possible to do this. can u tell me any other way to implement this?

Regards,

"Chris Jackson" <chrisjATmvpsDOTorgNOSPAM> wrote in message news:%23af0bfywDHA.3116@.tk2msftngp13.phx.gbl...
> When you set up another virtual folder, the ASP.NET runtime thinks that you
> have an entirely separate ASP.NET application, and any data from the root
> application is no longer available to you. In this case, your compiled code
> is sitting in the root directory's bin subdirectory, and is not accessible
> to the new application that you have created. Just leave it set up to not be
> a virtual folder, and you will be fine. Also, you are absolutely able to
> override settings in the web.config of your child folders - there are some
> settings that are only held at the root level, these settings are inherited,
> and you simply override those settings you need modified for a subfolder.
> Most commonly, what I do is change access permissions for subfolders in a
> child web.config, and leave everything else as the inherited values.
>
> --
> Chris Jackson
> Software Engineer
> Microsoft MVP - Windows Client
> Windows XP Associate Expert
> --
> More people read the newsgroups than read my email.
> Reply to the newsgroup for a faster response.
> (Control-G using Outlook Express)
> --
>
> <Jignesh> wrote in message news:OAA5puswDHA.1088@.tk2msftngp13.phx.gbl...
> Let me explain step wise.
> 1.. I have a site running on port 5555
> 2.. If contains web.config file with contains <Forms> authentication.
> 3.. The site contains a sub-folder named "MembersArea" which contains
> ss.aspx
> 4.. ss.aspx contains page_load event which prints
> Response.Write(Page.User.Identity.Name);
> 5.. Everything work proper untill here
> 6.. Now i want to have one more web.config file for folder "MembersArea" ,
> I know i just cannot put web.config file into any sub-folder unless the
> folder is a "virtual folder"
> 7.. so i converted the "subfolder" into "virtual folder" from IIS
> Manager. (Note: I have not yet created any web.config in this subfolder)
> 8.. Now when i try to execute ss.aspx it throws strange error ... ( you
> can see the screen dump in the attached file)
> 9.. The Erorr message is: "Could not load type 'hs.ss'."
> 10.. When i remove the "virtual folder" it works again.
> Can some one tell me what's actuall happening.
>
>

Strange error handling problem

hi guys,

I have enabled error handling in my application through web.config and also using global.asax file.. but whenever there's any error in my application I am just transferred to default error page which is defined in web.config..

I want the code in global.asax file to take care of the error message as compared to web.config file..

what am i missing ??

web.config

<customErrors mode="RemoteOnly" defaultRedirect="~/Error/Default.aspx"/>

Global.asax

' Fires when an error occurs
 Dim ptr As New SystemFunctions
 ptr.SendExceptionReport(Session, Request, Server.GetLastError().InnerException, "MyWebApp")
 Response.Redirect("~/Error/")

Hi,

Remove the Response.Redirect in the Global.asax file.

The default error page will anyway be shown since you specify it in the web.config. The problem is when there is a response.redirect, it is first executed irrespective of other statements.

Try removing the response.redirect.

write back if it doesn't help.

thanks.

Strange error with Response.WriteFile and SSL

I have a site running under SSL. Works well so far but there is one ASPX
page which returns a dynamically created PDF file using Response.WriteFile.

When the browser requests this ASPX page via https (SSL) it displays a
message that secure and non secure items are to be displayed (free
translation from german so it might not be the exact wording in english).
When I say no (means non secure items are not displayed) my PDF still is
displayed - so it seems thats not the one causing the message.

Any ideas whats wrong or even better how to solve it?

Regards,
Martin Knopp
fecher GmbH"Martin Knopp" <martin.knopp@.fecher.at> wrote in news:GGVQb.304173$Tz1.135851
@.news.chello.at:
> I have a site running under SSL. Works well so far but there is one ASPX
> page which returns a dynamically created PDF file using Response.WriteFile.
> When the browser requests this ASPX page via https (SSL) it displays a
> message that secure and non secure items are to be displayed (free
> translation from german so it might not be the exact wording in english).
> When I say no (means non secure items are not displayed) my PDF still is
> displayed - so it seems thats not the one causing the message.
> Any ideas whats wrong or even better how to solve it?

It means that somewhere in the content you are sending back are some http://
referendces instead of https:// references. You need to make all images, and
other external type links https://

--
Chad Z. Hower (a.k.a. Kudzu) - http://www.hower.org/Kudzu/
"Programming is an art form that fights back"

ELKNews - Get your free copy at http://www.atozedsoftware.com
That would have been easy!

I checked for this already and the only thing we return is a PDF document.
Nothing else.

Today I heard from some source that it might be a problem of IE. I will have
to further investigate this probably.

Any other ideas/hints?

--
Martin Knopp
fecher GmbH

"Chad Z. Hower aka Kudzu" <cpub@.hower.org> schrieb im Newsbeitrag
news:Xns947C29C3EBBCcpub@.127.0.0.1...
> "Martin Knopp" <martin.knopp@.fecher.at> wrote in
news:GGVQb.304173$Tz1.135851
> @.news.chello.at:
> > I have a site running under SSL. Works well so far but there is one ASPX
> > page which returns a dynamically created PDF file using
Response.WriteFile.
> > When the browser requests this ASPX page via https (SSL) it displays a
> > message that secure and non secure items are to be displayed (free
> > translation from german so it might not be the exact wording in
english).
> > When I say no (means non secure items are not displayed) my PDF still is
> > displayed - so it seems thats not the one causing the message.
> > Any ideas whats wrong or even better how to solve it?
> It means that somewhere in the content you are sending back are some
http://
> referendces instead of https:// references. You need to make all images,
and
> other external type links https://
>
> --
> Chad Z. Hower (a.k.a. Kudzu) - http://www.hower.org/Kudzu/
> "Programming is an art form that fights back"
>
> ELKNews - Get your free copy at http://www.atozedsoftware.com
"Martin Knopp" <martin.knopp@.fecher.at> wrote in
news:Lm7Rb.314459$Tz1.163161@.news.chello.at:
> I checked for this already and the only thing we return is a PDF
> document. Nothing else.

Does the PDF have any links in it? IE shouldnt see those but..

Do a view source on the HTML and search for http://

--
Chad Z. Hower (a.k.a. Kudzu) - http://www.hower.org/Kudzu/
"Programming is an art form that fights back"

ELKNews - Get your free copy at http://www.atozedsoftware.com
How do you display a PDF?
Do you return the PDF document with proper content type?
Or are you displaying the HTML with embeded PDF?

George.

"Martin Knopp" <martin.knopp@.fecher.at> wrote in message
news:GGVQb.304173$Tz1.135851@.news.chello.at...
> I have a site running under SSL. Works well so far but there is one ASPX
> page which returns a dynamically created PDF file using
Response.WriteFile.
> When the browser requests this ASPX page via https (SSL) it displays a
> message that secure and non secure items are to be displayed (free
> translation from german so it might not be the exact wording in english).
> When I say no (means non secure items are not displayed) my PDF still is
> displayed - so it seems thats not the one causing the message.
> Any ideas whats wrong or even better how to solve it?
> Regards,
> Martin Knopp
> fecher GmbH
I return the PDF with proper contenttype

code-behind in Page_Load event (C#) looks approximately like this:

Response.Clear();
Response.ContentType = "appilcation/pdf";
Response.WriteFile( <local path to PDF document> );
Response.End();

Regards,
Martin Knopp
fecher GmbH
http://www.fecher.at

"George Ter-Saakov" <nospam@.hotmail.com> schrieb im Newsbeitrag
news:OeFFEoC5DHA.2540@.TK2MSFTNGP11.phx.gbl...
> How do you display a PDF?
> Do you return the PDF document with proper content type?
> Or are you displaying the HTML with embeded PDF?
> George.
> "Martin Knopp" <martin.knopp@.fecher.at> wrote in message
> news:GGVQb.304173$Tz1.135851@.news.chello.at...
> > I have a site running under SSL. Works well so far but there is one ASPX
> > page which returns a dynamically created PDF file using
> Response.WriteFile.
> > When the browser requests this ASPX page via https (SSL) it displays a
> > message that secure and non secure items are to be displayed (free
> > translation from german so it might not be the exact wording in
english).
> > When I say no (means non secure items are not displayed) my PDF still is
> > displayed - so it seems thats not the one causing the message.
> > Any ideas whats wrong or even better how to solve it?
> > Regards,
> > Martin Knopp
> > fecher GmbH
go to aspx page you are using for downloads and check to see if in html view
you see any html / aspx elements (if yes remove them)
because when you call Response.Flush they will not be cleared unless you
have default Buffer = true applicable across

a better option for downloads is to use ashx... it httphandler you... they
do offer a performance boost of around 5 - 10%

--
Regards,
HD
Once a Geek... Always a Geek
"Martin Knopp" <martin.knopp@.fecher.at> wrote in message
news:tisRb.330066$Tz1.68379@.news.chello.at...
>I return the PDF with proper contenttype
> code-behind in Page_Load event (C#) looks approximately like this:
> Response.Clear();
> Response.ContentType = "appilcation/pdf";
> Response.WriteFile( <local path to PDF document> );
> Response.End();
> Regards,
> Martin Knopp
> fecher GmbH
> http://www.fecher.at
> "George Ter-Saakov" <nospam@.hotmail.com> schrieb im Newsbeitrag
> news:OeFFEoC5DHA.2540@.TK2MSFTNGP11.phx.gbl...
>> How do you display a PDF?
>> Do you return the PDF document with proper content type?
>> Or are you displaying the HTML with embeded PDF?
>>
>> George.
>>
>> "Martin Knopp" <martin.knopp@.fecher.at> wrote in message
>> news:GGVQb.304173$Tz1.135851@.news.chello.at...
>> > I have a site running under SSL. Works well so far but there is one
>> > ASPX
>> > page which returns a dynamically created PDF file using
>> Response.WriteFile.
>>> > When the browser requests this ASPX page via https (SSL) it displays a
>> > message that secure and non secure items are to be displayed (free
>> > translation from german so it might not be the exact wording in
> english).
>> > When I say no (means non secure items are not displayed) my PDF still
>> > is
>> > displayed - so it seems thats not the one causing the message.
>>> > Any ideas whats wrong or even better how to solve it?
>>> > Regards,
>> > Martin Knopp
>> > fecher GmbH
>>>>
>>

Strange error, please

Hi. I have created a web-based "file manager", for remote-administration of
a web-site. It works okay.
The "main" form in the "file manager" is BrowseFiles.aspx. I can edit the
text files (among which the "js" files) by clicking on an achor which
redirects me to "edit.aspx".
Once in "edit.aspx", after I view a ".js" file, for instance, I click on the
button "Return to file manager". The code in the command "Return to file
manager" is mainly
Response.Redirect("BrowseFiles.aspx?Folder=" & strFolderPath) where
strFolderPath is the folder I was viewing before starting the edit.
I get:
________________________________________
___________________
Server Error in '/aspnetprojects/vsnet/ThePhile' Application.
A potentially dangerous Request.Form value was detected from the client
(txtFileContent="...uterHeight<screen.availHeight...").
Description: Request Validation has detected a potentially dangerous client
input value, and processing of the request has been aborted. This value may
indicate an attempt to compromise the security of your application, such as
a cross-site scripting attack. You can disable request validation by setting
validateRequest=false in the Page directive or in the configuration section.
However, it is strongly recommended that your application explicitly check
all inputs in this case.
Exception Details: System.Web.HttpRequestValidationException: A potentially
dangerous Request.Form value was detected from the client
(txtFileContent="...uterHeight<screen.availHeight...").
________________________________________
___________________
Note: txtFileContent is the text box in which I show the file to edit
(using, of course, stream readers).
I have tried using their suggestion (validateRequest=false) but it does not
change a thing... What am I doing wrong ?
Thank you.
Alex.The reason maybe the "<" or any html or script tag for that matter. Try it
again with a demo file which just contains "<foo>" or something and see if
you get the same error. Then try it with a file that has just "foo" and you
may not get any errors.
If this is the case then the way to fix it is to convert all < and > chars
to < and > when displaying to the client. You will then need to convert them
back again when receiving them.
The reason: Well the error report is telling you that the user has input a
script or script tag which could potentially be of harm. This is why most
forums etc do not accept HTML code from public users.
I could be wrong, but I hope it helps.
Regards
Geoff
"Alex Nitulescu" wrote:

> Hi. I have created a web-based "file manager", for remote-administration o
f
> a web-site. It works okay.
> The "main" form in the "file manager" is BrowseFiles.aspx. I can edit the
> text files (among which the "js" files) by clicking on an achor which
> redirects me to "edit.aspx".
> Once in "edit.aspx", after I view a ".js" file, for instance, I click on t
he
> button "Return to file manager". The code in the command "Return to file
> manager" is mainly
> Response.Redirect("BrowseFiles.aspx?Folder=" & strFolderPath) where
> strFolderPath is the folder I was viewing before starting the edit.
> I get:
> ________________________________________
___________________
> Server Error in '/aspnetprojects/vsnet/ThePhile' Application.
> A potentially dangerous Request.Form value was detected from the client
> (txtFileContent="...uterHeight<screen.availHeight...").
> Description: Request Validation has detected a potentially dangerous clien
t
> input value, and processing of the request has been aborted. This value ma
y
> indicate an attempt to compromise the security of your application, such a
s
> a cross-site scripting attack. You can disable request validation by setti
ng
> validateRequest=false in the Page directive or in the configuration sectio
n.
> However, it is strongly recommended that your application explicitly check
> all inputs in this case.
> Exception Details: System.Web.HttpRequestValidationException: A potentiall
y
> dangerous Request.Form value was detected from the client
> (txtFileContent="...uterHeight<screen.availHeight...").
> ________________________________________
___________________
> Note: txtFileContent is the text box in which I show the file to edit
> (using, of course, stream readers).
> I have tried using their suggestion (validateRequest=false) but it does no
t
> change a thing... What am I doing wrong ?
> Thank you.
> Alex.
>
>
Geoff, you were right - I tried a foo.html file, first containing "foo", and
second containing "<foo>". Obviously, the first time it worked, the second
time not.
I guess the only solution would be to convert those < and > to something
else - I'll have to find a convenient replacement symbol..
"Geoff Willings" <GeoffWillings@.discussions.microsoft.com> wrote in message
news:058EC81A-23FD-490B-8A8B-4968FB5681DD@.microsoft.com...
> The reason maybe the "<" or any html or script tag for that matter. Try it
> again with a demo file which just contains "<foo>" or something and see if
> you get the same error. Then try it with a file that has just "foo" and
> you
> may not get any errors.
> If this is the case then the way to fix it is to convert all < and > chars
> to < and > when displaying to the client. You will then need to convert
> them
> back again when receiving them.
> The reason: Well the error report is telling you that the user has input a
> script or script tag which could potentially be of harm. This is why most
> forums etc do not accept HTML code from public users.
> I could be wrong, but I hope it helps.
> Regards
> Geoff
> "Alex Nitulescu" wrote:
>

Strange error, please

Hi. I have created a web-based "file manager", for remote-administration of
a web-site. It works okay.

The "main" form in the "file manager" is BrowseFiles.aspx. I can edit the
text files (among which the "js" files) by clicking on an achor which
redirects me to "edit.aspx".

Once in "edit.aspx", after I view a ".js" file, for instance, I click on the
button "Return to file manager". The code in the command "Return to file
manager" is mainly
Response.Redirect("BrowseFiles.aspx?Folder=" & strFolderPath) where
strFolderPath is the folder I was viewing before starting the edit.

I get:
__________________________________________________ _________
Server Error in '/aspnetprojects/vsnet/ThePhile' Application.

A potentially dangerous Request.Form value was detected from the client
(txtFileContent="...uterHeight<screen.availHeight...").
Description: Request Validation has detected a potentially dangerous client
input value, and processing of the request has been aborted. This value may
indicate an attempt to compromise the security of your application, such as
a cross-site scripting attack. You can disable request validation by setting
validateRequest=false in the Page directive or in the configuration section.
However, it is strongly recommended that your application explicitly check
all inputs in this case.

Exception Details: System.Web.HttpRequestValidationException: A potentially
dangerous Request.Form value was detected from the client
(txtFileContent="...uterHeight<screen.availHeight...").
__________________________________________________ _________

Note: txtFileContent is the text box in which I show the file to edit
(using, of course, stream readers).

I have tried using their suggestion (validateRequest=false) but it does not
change a thing... What am I doing wrong ?

Thank you.
Alex.The reason maybe the "<" or any html or script tag for that matter. Try it
again with a demo file which just contains "<foo>" or something and see if
you get the same error. Then try it with a file that has just "foo" and you
may not get any errors.

If this is the case then the way to fix it is to convert all < and > chars
to < and > when displaying to the client. You will then need to convert them
back again when receiving them.

The reason: Well the error report is telling you that the user has input a
script or script tag which could potentially be of harm. This is why most
forums etc do not accept HTML code from public users.

I could be wrong, but I hope it helps.

Regards

Geoff

"Alex Nitulescu" wrote:

> Hi. I have created a web-based "file manager", for remote-administration of
> a web-site. It works okay.
> The "main" form in the "file manager" is BrowseFiles.aspx. I can edit the
> text files (among which the "js" files) by clicking on an achor which
> redirects me to "edit.aspx".
> Once in "edit.aspx", after I view a ".js" file, for instance, I click on the
> button "Return to file manager". The code in the command "Return to file
> manager" is mainly
> Response.Redirect("BrowseFiles.aspx?Folder=" & strFolderPath) where
> strFolderPath is the folder I was viewing before starting the edit.
> I get:
> __________________________________________________ _________
> Server Error in '/aspnetprojects/vsnet/ThePhile' Application.
> A potentially dangerous Request.Form value was detected from the client
> (txtFileContent="...uterHeight<screen.availHeight...").
> Description: Request Validation has detected a potentially dangerous client
> input value, and processing of the request has been aborted. This value may
> indicate an attempt to compromise the security of your application, such as
> a cross-site scripting attack. You can disable request validation by setting
> validateRequest=false in the Page directive or in the configuration section.
> However, it is strongly recommended that your application explicitly check
> all inputs in this case.
> Exception Details: System.Web.HttpRequestValidationException: A potentially
> dangerous Request.Form value was detected from the client
> (txtFileContent="...uterHeight<screen.availHeight...").
> __________________________________________________ _________
> Note: txtFileContent is the text box in which I show the file to edit
> (using, of course, stream readers).
> I have tried using their suggestion (validateRequest=false) but it does not
> change a thing... What am I doing wrong ?
> Thank you.
> Alex.
>
Geoff, you were right - I tried a foo.html file, first containing "foo", and
second containing "<foo>". Obviously, the first time it worked, the second
time not.
I guess the only solution would be to convert those < and > to something
else - I'll have to find a convenient replacement symbol..

"Geoff Willings" <GeoffWillings@.discussions.microsoft.com> wrote in message
news:058EC81A-23FD-490B-8A8B-4968FB5681DD@.microsoft.com...
> The reason maybe the "<" or any html or script tag for that matter. Try it
> again with a demo file which just contains "<foo>" or something and see if
> you get the same error. Then try it with a file that has just "foo" and
> you
> may not get any errors.
> If this is the case then the way to fix it is to convert all < and > chars
> to < and > when displaying to the client. You will then need to convert
> them
> back again when receiving them.
> The reason: Well the error report is telling you that the user has input a
> script or script tag which could potentially be of harm. This is why most
> forums etc do not accept HTML code from public users.
> I could be wrong, but I hope it helps.
> Regards
> Geoff
> "Alex Nitulescu" wrote:
>> Hi. I have created a web-based "file manager", for remote-administration
>> of
>> a web-site. It works okay.
>>
>> The "main" form in the "file manager" is BrowseFiles.aspx. I can edit the
>> text files (among which the "js" files) by clicking on an achor which
>> redirects me to "edit.aspx".
>>
>> Once in "edit.aspx", after I view a ".js" file, for instance, I click on
>> the
>> button "Return to file manager". The code in the command "Return to file
>> manager" is mainly
>> Response.Redirect("BrowseFiles.aspx?Folder=" & strFolderPath) where
>> strFolderPath is the folder I was viewing before starting the edit.
>>
>> I get:
>> __________________________________________________ _________
>> Server Error in '/aspnetprojects/vsnet/ThePhile' Application.
>>
>> A potentially dangerous Request.Form value was detected from the client
>> (txtFileContent="...uterHeight<screen.availHeight...").
>> Description: Request Validation has detected a potentially dangerous
>> client
>> input value, and processing of the request has been aborted. This value
>> may
>> indicate an attempt to compromise the security of your application, such
>> as
>> a cross-site scripting attack. You can disable request validation by
>> setting
>> validateRequest=false in the Page directive or in the configuration
>> section.
>> However, it is strongly recommended that your application explicitly
>> check
>> all inputs in this case.
>>
>> Exception Details: System.Web.HttpRequestValidationException: A
>> potentially
>> dangerous Request.Form value was detected from the client
>> (txtFileContent="...uterHeight<screen.availHeight...").
>> __________________________________________________ _________
>>
>> Note: txtFileContent is the text box in which I show the file to edit
>> (using, of course, stream readers).
>>
>> I have tried using their suggestion (validateRequest=false) but it does
>> not
>> change a thing... What am I doing wrong ?
>>
>> Thank you.
>> Alex.
>>
>>
>

Strange exeption when connecting to WebService

Hi NG,

When connecting to a local WebService one of our customers gets a very
strange exception:

"File or assembly name gaw9eaqv.dll, or one of its dependencies, was not
found."

The strange part is that the name of the assembly can vary, and has nothing
to do with the names of the assemblies used in neither the WebService or the
consumer of the WebService.

It looks to me as if the assembly is one of the Temporary assemplies created
by ASP.NET, but what could cause the error to occur?

Thanks for your time,

RickyHi Ricky,

Thanks for your posting. As for the
"File or assembly name {random name}.dll, or one of its dependencies, was
not found." when calling webservice.
error you mentioned, based on my research, generally there're 2 possible
causes:
1. Permission issue, the process acount haven't read/write permission to
the temporary folder. Also, we also have two sub scenarios, clientside or
serverside issue.(If both the client side and serverside are based on
.net).

At Serverside, the asp.net webservice will do runtime compilation and
generate assembly in the asp.net temporary
folder({sysdir}:\windows\Microsoft.NET\Framework\v 1.1.4322\Temporary
ASP.NET Files)
Make sure what's the asp.net's running process account(whether the
impersonate is used) and whether it has the sufficient permission to the
temporary folder.

Also, as for clientside, the identity of the client app will also need to
have these same permissions
(read/execute on C:\winnt\microsoft.net\framework, and write on
C:\winnt\temp)
when the client app is web-based (asp, asp.net), you have to watch out for
this.

note it's the identity of the client *process* which is used here (not the
impersonated identity). so it's the IWAM, ASPNET, or NETWORK SERVICE
account (not
the IUSR account or end user's account).

2. There are compile errors in the XmlSerializer generated code(since
webservice using the XmlSerializer to generate dynamic codes on the fly)

To trouble shoot this reason we added the following Switch in
machine.config.
<system.diagnostics>
<switches>
<add name="XmlSerialization.Compilation" value="4"/>
</switches>
</system.diagnostics
Now we executed the application and got _tmpname.00.cs and _tmpname.out
files added
in %temp% dir. This file may help provide some clues on the compile error.

Anyway, since the potential cause maybe one of the aboves, we may need some
further checks. I suggest you isolate the problem to serverside or
clientside first.

If you have anyother findings or need any assistance, please feel free to
post here. Thanks.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Strange exeption when connecting to WebService

Hi NG,
When connecting to a local WebService one of our customers gets a very
strange exception:
"File or assembly name gaw9eaqv.dll, or one of its dependencies, was not
found."
The strange part is that the name of the assembly can vary, and has nothing
to do with the names of the assemblies used in neither the WebService or the
consumer of the WebService.
It looks to me as if the assembly is one of the Temporary assemplies created
by ASP.NET, but what could cause the error to occur?
Thanks for your time,
RickyHi Ricky,
Thanks for your posting. As for the
"File or assembly name {random name}.dll, or one of its dependencies, was
not found." when calling webservice.
error you mentioned, based on my research, generally there're 2 possible
causes:
1. Permission issue, the process acount haven't read/write permission to
the temporary folder. Also, we also have two sub scenarios, clientside or
serverside issue.(If both the client side and serverside are based on
.net).
At Serverside, the asp.net webservice will do runtime compilation and
generate assembly in the asp.net temporary
folder({sysdir}:\windows\Microsoft.NET\Framework\v1.1.4322\Temporary
ASP.NET Files)
Make sure what's the asp.net's running process account(whether the
impersonate is used) and whether it has the sufficient permission to the
temporary folder.
Also, as for clientside, the identity of the client app will also need to
have these same permissions
(read/execute on C:\winnt\microsoft.net\framework, and write on
C:\winnt\temp)
when the client app is web-based (asp, asp.net), you have to watch out for
this.
note it's the identity of the client *process* which is used here (not the
impersonated identity). so it's the IWAM, ASPNET, or NETWORK SERVICE
account (not
the IUSR account or end user's account).
2. There are compile errors in the XmlSerializer generated code(since
webservice using the XmlSerializer to generate dynamic codes on the fly)
To trouble shoot this reason we added the following Switch in
machine.config.
<system.diagnostics>
<switches>
<add name="XmlSerialization.Compilation" value="4"/>
</switches>
</system.diagnostics>
Now we executed the application and got _tmpname.00.cs and _tmpname.out
files added
in %temp% dir. This file may help provide some clues on the compile error.
Anyway, since the potential cause maybe one of the aboves, we may need some
further checks. I suggest you isolate the problem to serverside or
clientside first.
If you have anyother findings or need any assistance, please feel free to
post here. Thanks.
Regards,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Strange file in my app. Don't know what it is . . .

Hello -
I have a strange file that I did not add to my app and don't know how it got
there.
It's in a folder called Login and the name of the file is "ve-AE.tmp"
It has text like:
000000a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
000000b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
000000c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Anyone know what this is and how it may have gotten into my application?
SandyGoogle shows nothing for this file name.
move it or rename it and see if it comes back

Strange file in my app. Dont know what it is . . .

Hello -

I have a strange file that I did not add to my app and don't know how it got
there.

It's in a folder called Login and the name of the file is "ve-AE.tmp"

It has text like:

000000a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
000000b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
000000c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Anyone know what this is and how it may have gotten into my application?

--
SandyGoogle shows nothing for this file name.

move it or rename it and see if it comes back

Strange file access problem

I have an .NET 2.0 web application that I am using to create, read,
encrypt, and delete an XML file. It all works great when I am testing
it on the local machine that I am using as a web server, in debug and
release using impersonation, but when I use a different computer to log

on to the same page, using the same user id, it returns with an
UnauthorizedAccessException saying that I do not have access to the
file. The file is not on either machine. The path I use is
\\<server>\<folder>\<folder>\setup.xml and I have already tried it
mapped as z:\f<folder>\<folder>\setup.xml , but when I use the machine
that is running IIS, neither paths gave me any trouble at all. I have
also checked System.Security.Principal.WindowsIdentity.GetCurre nt()
while using both and, as far as I can tell, they are identical except
that the one ran from the IIS machine has the extra group "LOCAL", and
the remote attempts don't, but that seems unimportant. (at least I
hope it is because I have tried to add the current user to the role
"LOCAL", but can't get it to work)

Any help anyone can share would be greatly appreciated, I thank you in
advance.

-Sethbump

strange file upload behaviour (404 with one pdf but not with another)

Hi

Maybe there is an oracle out there who can help.

I have an aspx site and a simple fileupload control on it.
Everything works fine except:
I can reproduce an 404 error when trying to upload some files.
It only happens when trying to upload PDF Files, and not on every PDF
File.

Let me illustrate this
xy.pdf - upload no problem
ab.pdf - 404 - Cannot find server or DNS Error

There are more pdf's where the problem occurs and also some others
where it does not..

The error comes within a millisecond as if IE does not try to upload.

What the heck is this...?i bet you the one that doesn't work is over 4 megs right?

mikecom@.gmx.net wrote:
> Hi
> Maybe there is an oracle out there who can help.
> I have an aspx site and a simple fileupload control on it.
> Everything works fine except:
> I can reproduce an 404 error when trying to upload some files.
> It only happens when trying to upload PDF Files, and not on every PDF
> File.
> Let me illustrate this
> xy.pdf - upload no problem
> ab.pdf - 404 - Cannot find server or DNS Error
> There are more pdf's where the problem occurs and also some others
> where it does not..
> The error comes within a millisecond as if IE does not try to upload.
> What the heck is this...?
max upload size in asp.net is 4 MB

you can change this in web.config:

<httpRuntime maxRequestLength="size in kbytes" /
asp.net uploads files into memory, so a 1 GB upload will take 1 GB of
memory on your server. if you want to upload big files, you'll need to
buy an upload component that streams uploaded files to disk.

mikecom@.gmx.net wrote:
> Hi
> Maybe there is an oracle out there who can help.
> I have an aspx site and a simple fileupload control on it.
> Everything works fine except:
> I can reproduce an 404 error when trying to upload some files.
> It only happens when trying to upload PDF Files, and not on every PDF
> File.
> Let me illustrate this
> xy.pdf - upload no problem
> ab.pdf - 404 - Cannot find server or DNS Error
> There are more pdf's where the problem occurs and also some others
> where it does not..
> The error comes within a millisecond as if IE does not try to upload.
> What the heck is this...?
Bet won!

That was the problem...

Tanks a lot!
neilmcguigan@.gmail.com wrote:
> max upload size in asp.net is 4 MB
> you can change this in web.config:
> <httpRuntime maxRequestLength="size in kbytes" />
> asp.net uploads files into memory, so a 1 GB upload will take 1 GB of
> memory on your server. if you want to upload big files, you'll need to
> buy an upload component that streams uploaded files to disk.
> mikecom@.gmx.net wrote:
> > Hi
> > Maybe there is an oracle out there who can help.
> > I have an aspx site and a simple fileupload control on it.
> > Everything works fine except:
> > I can reproduce an 404 error when trying to upload some files.
> > It only happens when trying to upload PDF Files, and not on every PDF
> > File.
> > Let me illustrate this
> > xy.pdf - upload no problem
> > ab.pdf - 404 - Cannot find server or DNS Error
> > There are more pdf's where the problem occurs and also some others
> > where it does not..
> > The error comes within a millisecond as if IE does not try to upload.
> > What the heck is this...?

strange file upload behaviour (404 with one pdf but not with another)

Hi
Maybe there is an oracle out there who can help.
I have an aspx site and a simple fileupload control on it.
Everything works fine except:
I can reproduce an 404 error when trying to upload some files.
It only happens when trying to upload PDF Files, and not on every PDF
File.
Let me illustrate this
xy.pdf - upload no problem
ab.pdf - 404 - Cannot find server or DNS Error
There are more pdf's where the problem occurs and also some others
where it does not..
The error comes within a millisecond as if IE does not try to upload.
What the heck is this...?i bet you the one that doesn't work is over 4 megs right?
mikecom@.gmx.net wrote:
> Hi
> Maybe there is an oracle out there who can help.
> I have an aspx site and a simple fileupload control on it.
> Everything works fine except:
> I can reproduce an 404 error when trying to upload some files.
> It only happens when trying to upload PDF Files, and not on every PDF
> File.
> Let me illustrate this
> xy.pdf - upload no problem
> ab.pdf - 404 - Cannot find server or DNS Error
> There are more pdf's where the problem occurs and also some others
> where it does not..
> The error comes within a millisecond as if IE does not try to upload.
> What the heck is this...?
max upload size in asp.net is 4 MB
you can change this in web.config:
<httpRuntime maxRequestLength="size in kbytes" />
asp.net uploads files into memory, so a 1 GB upload will take 1 GB of
memory on your server. if you want to upload big files, you'll need to
buy an upload component that streams uploaded files to disk.
mikecom@.gmx.net wrote:
> Hi
> Maybe there is an oracle out there who can help.
> I have an aspx site and a simple fileupload control on it.
> Everything works fine except:
> I can reproduce an 404 error when trying to upload some files.
> It only happens when trying to upload PDF Files, and not on every PDF
> File.
> Let me illustrate this
> xy.pdf - upload no problem
> ab.pdf - 404 - Cannot find server or DNS Error
> There are more pdf's where the problem occurs and also some others
> where it does not..
> The error comes within a millisecond as if IE does not try to upload.
> What the heck is this...?
Bet won!
That was the problem...
Tanks a lot!
neilmcguigan@.gmail.com wrote:
> max upload size in asp.net is 4 MB
> you can change this in web.config:
> <httpRuntime maxRequestLength="size in kbytes" />
> asp.net uploads files into memory, so a 1 GB upload will take 1 GB of
> memory on your server. if you want to upload big files, you'll need to
> buy an upload component that streams uploaded files to disk.
> mikecom@.gmx.net wrote: