So I get the exception
Invalid postback or callback argument.
Event validation is enabled using
in configuration or <%@ Page
EnableEventValidation="true" %> in a
page. For security purposes, this
feature verifies that arguments to
postback or callback events originate
from the server control that
originally rendered them. If the data
is valid and expected, use the
ClientScriptManager.RegisterForEventValidation
method in order to register the
postback or callback data for
validation.
With the following stack trace
[System.ArgumentException: Untrapped
Exception: Invalid postback or
callback argument. Event validation
is enabled using in
configuration or <%@ Page
EnableEventValidation="true" %> in a
page. For security purposes, this
feature verifies that arguments to
postback or callback events originate
from the server control that
originally rendered them. If the data
is valid and expected, use the
ClientScriptManager.RegisterForEventValidation
method in order to register the
postback or callback data for
validation.] at
System.Web.UI.ClientScriptManager.ValidateEvent(String
uniqueId, String argument) at
System.Web.UI.Control.ValidateEvent(String
uniqueID, String eventArgument) at
System.Web.UI.WebControls.LinkButton.RaisePostBackEvent(String
eventArgument) at
System.Web.UI.WebControls.LinkButton.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String
eventArgument) at
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler
sourceControl, String eventArgument)
at
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection
postData) at
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean
includeStagesAfterAsyncPoint)
The exception occurs after submitting a form, and then quickly clicking on a LinkButton to download a file on the same page before the page reloads again.
Can someone explain the details of why this exception is occurring upon executing the actions described above?
Thanks in advance!
This has to be one of the most frustrating error messages in .NET, but once you get a feel for what's going on, it makes sense. .NET likes to know EVERYTHING that's going on. It keeps track of all the elements that it has placed on the page. Along those same lines, .NET gets offended when it receives input from something it didn't know about. In your case, it sounds like, at the time you click on the LinkButton, .NET doesn't think it should be there. In my experience, there are two likely reasons for this:
You're doing to client-side wizardry that is creating new inputs or cloning existing inputs.
While the form submission is being processed, .NET does something to the LinkButton which causes it to be no longer available. Some examples of this I've run into are when your LinkButton is dynamically created in the backend or you're using UpdatePanels and their content get changed during the form's submission.
Basically, I believe if you step through the form submission code and watch that LinkButton, you'll see .NET forget about it, which understandably triggers this "Security Exception" when the LinkButton is clicked.
If they're clicking before a page has a chance to fully render then the __EVENTVALIDATION fields aren't going to have been completely written - thus your error.
Now this was fixed in 3.5 SP1/3.0 SP2, and is configurable in web.config;
<configuration>
<system.web>
<pages renderAllHiddenFieldsAtTopOfForm="true"></pages>
</system.web>
</configuration>
The default is true - so what version of .NET are you running? You could always disable the buttons client side until the page has finished loading.
This error was appearing intermittently for me, on a very large page.
I discovered that if a button was clicked before the page had completed loading, it would give this error.
Waiting for the page to load completely before clicking the button, I didn't get the error.
Use this in page.asx in the page tag EnableEventValidation="false"
I've found that html forms can cause this problem in WebForms if you don't remove them all from a template