[FIX] Validation of View State Mac Failed….

Everyone thinks configuring a website on web farm is easy, just needs to follow below steps

  1. Ensure the website ID is same on all servers
  2. Ensure machinekey is same on all servers
  3. Ensure session mode is state server
  4. If required add < Pages enableviewstatemac=”false” /> in web.config

Even I was also thinking the same and for some extends it is perfectly fine.

We had one dot.net 4.0 application developed using spring and one ajax webpage clients were getting below error only in CHROME while in IE it was working perfectly fine.

When I reported this issue I re-checked above 4 things and it was in place, its now a challenging task to make the application compatible to all browsers.

Started studying of <Pages /> attributes for web.config (why only pages attribute because website it was working fine for all pages except one )

And after lot of readings and compatibility check for web farm added below attributes in <Pages /> tab

<pages controlRenderingCompatibilityVersion=”3.5″ clientIDMode=”AutoID” enableEventValidation=”false” viewStateEncryptionMode=”Never” />    

In this tag every attribute has different meaning .

controlRenderingCompatibilityVersion=”3.5″ :- means consider every control as framework 2.0
while rendering it on page

clientIDMode=”AutoID” :- is used for ajax filtering

enableEventValidation=”false” :- If you browse to the page from another page via link inside a gridview and response.redirecting in the RowCommand event to the page passing an ID in the querystring. The page throws errors from controls inside the panel stating

therefore recommended that you set it to false only on the individual AJAX pages where it causes problems, while leaving it true in web.config.

As you would expect, in this mode ASP.NET will not encrypt the ViewState, even if the application is set for encryption and controls on the page have requested it. If you know that no data involved in the page needs to be encrypted, then it may be safe to set the mode to Never. However, at this point it is rare for the documentation about a control to disclose what is being saved in ViewState, so you will want to be careful if there is a chance that sensitive data could be exposed.

After adding the above tag in web.config , magic worked and it started working in all browsers including CHROME . It was the happiest moment for me after receiving call from client that it is working smoothly.



Prashant Deshpande









Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s