“填充无效且无法删除” WebResource.axd 上的异常
我有一个 ASP.NET 2.0 应用程序,它在我们的本地环境中运行良好。 当发布到测试服务器时,我们在服务器上遇到间歇性错误。
这是最常见的:
填充无效且无法删除。 描述:执行当前 Web 请求期间发生未处理的异常。 请查看堆栈跟踪以获取有关错误及其在代码中的来源的更多信息。
异常详细信息: System.Security.Cryptography.CryptographicException: 填充无效且不能 已删除。
来源错误:
生成了未处理的异常 当前执行期间 网络请求。 有关信息 异常的起源和地点 可以使用异常来识别 下面的堆栈跟踪。
堆栈跟踪:
[CryptographicException:填充是 无效且无法删除。]
System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] 输入缓冲区,Int32 输入偏移,Int32 inputCount、Byte[]& 输出缓冲区, Int32 输出偏移、PaddingMode paddingMode,布尔值 fLast) +1545747
System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(字节[] 输入缓冲区,Int32 输入偏移,Int32 输入计数)+257
System.Security.Cryptography.CryptoStream.FlushFinalBlock() +30 System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(布尔值 fEncrypt、Byte[] buf、Byte[] 修饰符、 Int32 开始、Int32 长度、布尔值 useValidationSymAlgo) +164
System.Web.UI.Page.DecryptString(字符串 s) +83
System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext 上下文)+148
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +358 System.Web.HttpApplication.ExecuteStep(IExecutionStep) 步骤,布尔值& 同步完成) +64
这发生在对特定 WebResource.axd 请求的请求上。
我们看到的另一个错误是:
视图状态 MAC 验证失败。 如果此应用程序由 Web 托管 农场或集群,确保 配置指定 相同的validationKey和validation 算法。 无法使用自动生成 在一个集群中。 描述:一个 期间发生未处理的异常 当前网络的执行 要求。 请检查堆栈跟踪 有关错误的更多信息 以及它在代码中的起源。
异常详细信息: System.Web.HttpException:验证 viewstate MAC 失败。 如果这 应用程序由 Web Farm 托管或 集群,确保 配置指定相同 验证密钥和验证 算法。 无法使用自动生成 在一个集群中。
发布表单时偶尔会发生此错误。
现在,在您介入并告诉我此错误的明显(通常)答案之前,请考虑一下:
- 该应用程序部署到 IIS6 上的 Windows Server 2003,
- 它不在网络场上。 这里只使用一台网络服务器。
- 应用程序池标识是一个自定义服务帐户,我确实在服务器上运行了
aspnet_regiss -ga。 没有效果。
I have an ASP.NET 2.0 application that is working fine in our local environment. When published to a test server, we're getting intermittent errors on the server.
Here's the most common:
Padding is invalid and cannot be removed.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details:
System.Security.Cryptography.CryptographicException:
Padding is invalid and cannot be
removed.Source Error:
An unhandled exception was generated
during the execution of the current
web request. Information regarding the
origin and location of the exception
can be identified using the exception
stack trace below.Stack Trace:
[CryptographicException: Padding is
invalid and cannot be removed.]
System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[]
inputBuffer, Int32 inputOffset, Int32
inputCount, Byte[]& outputBuffer,
Int32 outputOffset, PaddingMode
paddingMode, Boolean fLast) +1545747
System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[]
inputBuffer, Int32 inputOffset, Int32
inputCount) +257
System.Security.Cryptography.CryptoStream.FlushFinalBlock()
+30 System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean
fEncrypt, Byte[] buf, Byte[] modifier,
Int32 start, Int32 length, Boolean
useValidationSymAlgo) +164
System.Web.UI.Page.DecryptString(String
s) +83
System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext
context) +148
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
+358 System.Web.HttpApplication.ExecuteStep(IExecutionStep
step, Boolean& completedSynchronously)
+64
This happens on a request to a specific WebResource.axd request.
The other error that we're seeing is this:
Validation of viewstate MAC failed.
If this application is hosted by a Web
Farm or cluster, ensure that
configuration specifies
the same validationKey and validation
algorithm. AutoGenerate cannot be used
in a cluster. Description: An
unhandled exception occurred during
the execution of the current web
request. Please review the stack trace
for more information about the error
and where it originated in the code.Exception Details:
System.Web.HttpException: Validation
of viewstate MAC failed. If this
application is hosted by a Web Farm or
cluster, ensure that
configuration specifies the same
validationKey and validation
algorithm. AutoGenerate cannot be used
in a cluster.
This error happens occasionally while posting a form.
Now before you jump in and tell me the obvious (usual) answer to this error, consider this:
- The application is deployed to Windows Server 2003 on IIS6
- It is NOT on a web farm. Only one webserver is in use here.
- The application pool identity is a custom service account, and I did run
aspnet_regiss -ga <username>on the server. No effect.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
该错误是因为您的应用程序域被回收/重新启动。 当发生这种情况时,应用程序和机器密钥设置为自动,它会发生变化。 这会影响资源 url (.axd) 的 url 中信息的解密。 设置固定的机器密钥将防止这种情况再次发生。
请检查此以获取有关类似案例的更多信息(解释是视图状态验证问题,但原因是相同的):https://developmentnow.com/2006/02/14/invalid_viewstate-or-unable-to-validate-data-error/< /a>
我也想知道这个问题有一段时间了。 在我看到这个问题后,它再次吸引了我: 这是企图破坏我的 ASP.Net 站点的安全性吗? ...我刚刚的回答非常相似。 我有一种感觉,它是围绕某些东西的重新启动,因为当我们发布一些回收应用程序的东西时,错误显示在日志中,但我没有任何其他来源说明其关系(今天我在 invalidviewstate 上发现了这种情况,因为机器密钥更改:))
Ps。 上面最后在单服务器上解释了它:)
The error is because your appdomain was recycled/restarted. When that happens the application and the machine key is set to auto, it changes. That affects the decryption of the info in the url of the resources urls (.axd). Setting up a fixed machine key will prevent it from ever happening again.
Please check this for more info on a similar case (the explanation is with an issue with viewstate validation, but the cause is the same one): https://developmentnow.com/2006/02/14/invalid_viewstate-or-unable-to-validate-data-error/
I also had been wondering about it for quite a while. After I saw this question it got me on it again: Is this an attempt to break my ASP.Net site's security? ... which I just answered with very much the same. I had the feeling it was around some restart of something, because when we published something that recycled the application the error showed in the log, but I didn't have any other source stating its relation (today I found that case on invalidviewstate because of the machinekey change :))
Ps. above finally explains it on single server :)
当页面在浏览器中完全加载之前生成帖子时,会出现此问题。 看看这个问题。
This problem appears when a post is generated before the page is fully loaded in the browser. Have a look at this question.
本,
对于您的第一个问题,我发现这似乎更符合您所看到的问题,因为该问题是零星发生的。
您应该能够在 http://www. codeproject.com/KB/security/Cryptor.aspx#aes。
您真正需要做的是将 RijndaelAlg.Padding 设置为 PaddingMode.ISO10126、PaddingMode.PKCS7 或 PaddingMode.ANSIX923。 只要您在加密和解密时使用相同的值,这 3 个值中的任何一个都应该有效。 其他值适用于某些数据,但不适用于所有数据。 上面的 URL 解释了原因。
我不明白的是,微软提供的选项有时不起作用,或者至少为什么他们不默认为可靠的选项。
Ben,
For your first problem, I found this that seems to be a bit more to the point of what you are seeing in that the problem is sporadically occurring.
You should be able to find a full explanation of this at http://www.codeproject.com/KB/security/Cryptor.aspx#aes.
What you really need to do is set RijndaelAlg.Padding to PaddingMode.ISO10126, PaddingMode.PKCS7, or PaddingMode.ANSIX923. Any one of these 3 values should work, provided that you use the same value when encrypting and decrypting. Other values will work with some data, but not with all data. The above URL explains why.
What I don't understand is the reason Microsoft provides options that sometimes don't work, or at least why they don't default to a reliable option.