Reputation: 16011
ASP.NET Invalid Postback Curiosity
I have a webfarm with two servers using "sticky" sessions at the load balancer. The machinekeys in the web.configs match and the site numbers in IIS are identical. Session is stored in memory. Generally we don't have any problems. However, it is possible to trigger an invalid postback exception by crossing the two servers. I thought that since the machinekeys, version of .NET, and site numbers in IIS were the same that this shouldn't happen on a postback, but it is; am I missing something?
Upvotes: 1
Views: 104
Answers (1)
Reputation: 3043
It is perhaps caused by event validation? Here's a msdn post describing it:
TL;DR: the default behavior (and it's a good behavior to have for security reasons probably) is that the server verifies it rendered the original html of a postback's event. So, if you load the page on server A, it remembers it rendered a page that can postback event foo. If server B ends up getting that postback, it will complain because it could be a sign of an xss attack or something like it.
Upvotes: 1
Related Questions
- Double postback issue
- Invalid postback or callback argument
- 'Operation is not valid due to the current state of the object' error during postback
- PostBack Option Not Working | ASP.NET
- ASP.NET Postback Issues
- Postback problems
- Postback Error?
- Empty Postbacks on ASP.NET pages
- ASP.NET Postback error
- Postback issue in ASP.NET