In The Mix

As a SharePoint architect I have the business behind me and the Developers and IT Pro on my shoulders.

Error message in WSS 3.0: "The security validation for this page is invalid" September 1, 2009

Filed under: SharePoint — fmuntean @ 6:46 pm

So when you deploy your page and try to run some code on the Post Back of the page you get the following error: “The Security validation for this page is invalid”. Microsoft has an Knowledge Base article but does not cover all the situations.

I have checked on the internet for the best solution to this problem and found many posts that recommends  to manually set the following:


site.AllowUnsafeUpdates = true;

web.AllowUnsafeUpdates = true; 

However I did not liked this solution so I looked a little bit harder and thanks to the Hristo Pavlov’s detailed investigation on the issue the best practice is:

If your code is processing a POST request then make sure you call SPUtility.ValidateFormDigest() before you do anything else. This will ensure that the post request is validated (that it is not a cross-site scripting attack) and after that you will not have to worry about AllowUnsafeUpdates, because its default value will be “true” after the form digest is validated.

To find out more about this read the two posts below:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s