GD Bloggers

This is the blog site for Microsoft Global Delivery Communities focused in sharing the technical knowledge about devices, apps and cloud.
Follow Us On Twitter! Subscribe To Our Blog! Contact Us

Troubleshooting SharePoint Error: The security validation for this page is invalid

Troubleshooting SharePoint Error: The security validation for this page is invalid

  • Comments 3
  • Likes

While doing custom development on SharePoint using Visual Studio, it is common to get "The security validation for this page is invalid". I give 2 simple steps to troubleshoot this issue, I assume that you did not yet go into playing with the Web Application security settings (And please do not!!)...

Step 1: In the master page, ensure that the Form Digest control is there, put it at the end of your master page. This should look like ...

<asp:ContentPlaceHolder id=”PlaceHolderFormDigest” runat=”server”>
        <SharePoint:FormDigest runat=”server”/>
</asp:ContentPlaceHolder>

Refer to this MSDN article: http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.webcontrols.formdigest.aspx

Step 2: Your code might be running with Elevated privilege using SPSecurity.RunWithElevatedPrivileges. If your code is performing updates to the web application, you will get this security error or "Access Denied" error. To avoid this, use the SPUtility.ValidateFormDigest() before running your elevated code. This should be something like...

SPUtility.ValidateFormDigest();
SPSecurity.RunWithElevatedPrivileges(delegate()
{....

 Refer to this MSDN article: http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.utilities.sputility.validateformdigest.aspx

What not to do:

Never, Never, play with the Farm or WebApplication security settings. I have seen many blogs that will ask you to web.AllowUnsafeUpdates=true; or ValidateFormDigest.Enabled=false; if you do this, you open security threats to your web application. People can submit incorrect data and bypass ASP .Net security. When trouble happens or you web site is attacked, it should not be your code to blame.

Happy coding:)

Comments
  • The second step worked brilliantly for me. I am running in elevated scope. Thank you

  • Thanks Thanks Thanks . Its really good and helpfull .

  • SPUtility.ValidateFormDigest(); was the key. Thank you !

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment