如何解決：回發或回調參數無效

Question

我已經創建了一個Web應用程序，其中用戶可以選擇重置他/她的密碼。

當他點擊重置密碼..會通過電子郵件發送給他的鏈接重置密碼..

點擊鏈接後，才能更改密碼的頁面。 ，用戶輸入新的密碼..

我有以下的ASPX UI頁面字段：

<div id="changePassDiv"> 
<div> 
<asp:TextBox ID="txtNewPassword" TextMode="Password" runat="server" class="form-control input-sm" placeholder="" TabIndex="1"></asp:TextBox> 
</div> 

<div> 
<asp:TextBox ID="txtConfirm" runat="server" class="form-control input-sm" TextMode="Password" placeholder="" TabIndex="1"></asp:TextBox> 
<asp:CompareValidator ID="cmp" runat="server" ControlToValidate="txtConfirm" ControlToCompare="txtNewPassword" ErrorMessage="Password doesn't match!" Display="Dynamic"></asp:CompareValidator> 
</div> 

<div><asp:Button ID="SubmitButton" runat="server" Class="btn btn-default-color btn-sm" Text="Submit" OnClick="SubmitButton_Click" OnClientClick="ga('send', 'event', 'contact', 'Click', 'Submit');" CausesValidation="true" ValidationGroup="DetailsGroup" /></div> 

</div> 

我aspx.cs後臺代碼：

public partial class reset : System.Web.UI.Page 
{ 
string userName = ""; string useremail = ""; 
protected void Page_Load(object sender, EventArgs e) 
{ 
    if (Request["email"] != "" && Request["email"] != null) 
    { 
     useremail = Server.UrlDecode(DLSecurity.DecryptString(Request.QueryString["email"].ToString())); 
    } 
    if (!Page.IsPostBack) 
    { 

    } 

} 


protected void SubmitButton_Click(object sender, EventArgs e) 
{ 

    try 
    { 
     if (useremail == "") 
     { 
      return; 
     } 
     userName = Membership.GetUserNameByEmail(DLSecurity.EncryptString(useremail)); 
     MembershipUser mu = Membership.GetUser(userName); 

     string password = mu.ResetPassword(); 
     if (mu.ChangePassword(password, txtNewPassword.Text)) 
     { 
      InvalidCredentialsMessage.Text = "Password changed successfully!"; 
      InvalidCredentialsMessage.ForeColor = Color.Green; 
      InvalidCredentialsMessage.Font.Size = 12; 
      ScriptManager.RegisterStartupScript(this, GetType(), "Success", "alert('Please enter your Username/Email Id!');", true); 
      //ClientScript.RegisterStartupScript(this.GetType(), "redirect user to homepage", "alert('password changed successfully. you are being redirected to homepage.');window.location.href='/homepage';", true); 
     } 
     else 
     { 
      InvalidCredentialsMessage.Text = "Password is not changed please try again!"; 
      InvalidCredentialsMessage.ForeColor = Color.Red; 
      InvalidCredentialsMessage.Font.Size = 12; 
     } 
    } 
    catch (Exception ex) 
    { 

     InvalidCredentialsMessage.Text = ex.Message; 
     if (ex.Message.ToLower().IndexOf("non alpha numeric characters") != -1) 
      InvalidCredentialsMessage.Text = "Password should consist of minimum 7 characters with atleast one capital alpahabet, one small alphabet, one special character and one numeric value"; 
     if (ex.Message.ToLower().IndexOf("value cannot be null") != -1) 
      InvalidCredentialsMessage.Text = "you are trying to change another user password!"; 
     InvalidCredentialsMessage.ForeColor = Color.Red; 
     InvalidCredentialsMessage.Font.Size = 9; 
    } 
} 
} 

當從電子郵件重置鏈接用戶點擊，它會更改密碼窗口，當他填寫新密碼&點擊提交時，會拋出以下錯誤：

Invalid postback or callback argument. Event validation is enabled using in configuration or <%@ Page EnableEventValidation="true" %> in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation.

描述：執行當前Web請求期間發生未處理的異常。請查看堆棧跟蹤以獲取有關該錯誤的更多信息以及源代碼的位置。

異常詳細信息：System.ArgumentException：無效的回發或回調參數。事件驗證在配置中啓用，或在頁面中啓用<％@ Page EnableEventValidation =「true」％>。爲了安全起見，此功能驗證回發或回調事件的參數來自最初呈現它們的服務器控件。如果數據有效且預期，請使用ClientScriptManager.RegisterForEventValidation方法爲註冊回發或回調數據進行驗證。

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

堆棧跟蹤：

[ArgumentException: Invalid postback or callback argument. Event validation is enabled using <pages enableEventValidation="true"/> in configuration or <%@ Page EnableEventValidation="true" %> in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation.] 
    System.Web.UI.ClientScriptManager.ValidateEvent(String uniqueId, String argument) +11859663 
    System.Web.UI.Control.ValidateEvent(String uniqueID, String eventArgument) +143 
    System.Web.UI.WebControls.HiddenField.LoadPostData(String postDataKey, NameValueCollection postCollection) +54 
    System.Web.UI.Page.ProcessPostData(NameValueCollection postData, Boolean fBeforeLoad) +580 
    System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +931 

Note: i have tried adding <%@ Page EnableEventValidation="true" %> but it didn't workde

Answer 1

這是一個重複的問題，你可以在下面找到答案：

Disable eventvalidation (bad idea, because you lose a little of security that come with very little cost). 
Use ASP.NET Ajax UpdatePanel. (Put the listbox in the Updatepanel and trigger a update, if you add or remove listbox. This way viewstate and related fields get updates and eventvalidation will pass.) 
Forget client-side and use the classic postback and add or remove the listitems server-side. 

按照下面的鏈接：[Invalid postback or callback argument. Event validation is enabled using '<pages enableEventValidation="true"/>'