security error?

Please help!
I have Active Dir, Exchange and SQL 2000 on the same Win 
2000 server machine. Installed CRM OK. Made security 
service dependent as outlined in deployment guide. Created 
an account in CRM and can browse around, but cannot save 
anything. The error I am getting is:

Server Error in '/' Application.
-----------------------------------------------------------
---------------------

A potentially dangerous Request.Form value was detected 
from the client 
(crmFormSubmitXml="<activity><activityt..."). 
Description: Request Validation has detected a potentially 
dangerous client input value, and processing of the 
request has been aborted. This value may indicate an 
attempt to compromise the security of your application, 
such as a cross-site scripting attack. You can disable 
request validation by setting validateRequest=false in the 
Page directive or in the configuration section. However, 
it is strongly recommended that your application 
explicitly check all inputs in this case. 

Exception Details: 
System.Web.HttpRequestValidationException: A potentially 
dangerous Request.Form value was detected from the client 
(crmFormSubmitXml="<activity><activityt...").

Source Error: 

An unhandled exception was generated during the execution 
of the current web request. Information regarding the 
origin and location of the exception can be identified 
using the exception stack trace below.  

Stack Trace: 


[HttpRequestValidationException (0x80004005): A 
potentially dangerous Request.Form value was detected from 
the client (crmFormSubmitXml="<activity><activityt...").]
   System.Web.HttpRequest.ValidateString(String s, String 
valueName, String collectionName) +230
   System.Web.HttpRequest.ValidateNameValueCollection
(NameValueCollection nvc, String collectionName) +99
   System.Web.HttpRequest.get_Form() +121
   System.Web.UI.Page.GetCollectionBasedOnMethod() +70
   System.Web.UI.Page.DeterminePostBackMode() +47
   System.Web.UI.Page.ProcessRequestMain() +2106
   System.Web.UI.Page.ProcessRequest() +218
   System.Web.UI.Page.ProcessRequest(HttpContext context) 
+18
   
System.Web.CallHandlerExecutionStep.System.Web.HttpApplicat
ion+IExecutionStep.Execute() +179
   System.Web.HttpApplication.ExecuteStep(IExecutionStep 
step, Boolean& completedSynchronously) +87

 


-----------------------------------------------------------
---------------------
Version Information: Microsoft .NET Framework 
Version:1.1.4322.535; ASP.NET Version:1.1.4322.535 
0
Angel
8/26/2003 4:16:04 PM
crm 35858 articles. 1 followers. Follow

3 Replies
979 Views

Similar Articles

[PageSpeed] 42

Angel,

CRM doesn't support the 1.1 .Net framework.  You will need to backup to the
1.0 sp2 framework in order to get CRM to work.  This may also require you to
re-install CRM afterwards, I'm not sure.

HTH,
Matt


"Angel" <angel@cnsi.ca> wrote in message
news:086301c36bed$590d7060$a001280a@phx.gbl...
Please help!
I have Active Dir, Exchange and SQL 2000 on the same Win
2000 server machine. Installed CRM OK. Made security
service dependent as outlined in deployment guide. Created
an account in CRM and can browse around, but cannot save
anything. The error I am getting is:

Server Error in '/' Application.
-----------------------------------------------------------
---------------------

A potentially dangerous Request.Form value was detected
from the client
(crmFormSubmitXml="<activity><activityt...").
Description: Request Validation has detected a potentially
dangerous client input value, and processing of the
request has been aborted. This value may indicate an
attempt to compromise the security of your application,
such as a cross-site scripting attack. You can disable
request validation by setting validateRequest=false in the
Page directive or in the configuration section. However,
it is strongly recommended that your application
explicitly check all inputs in this case.

Exception Details:
System.Web.HttpRequestValidationException: A potentially
dangerous Request.Form value was detected from the client
(crmFormSubmitXml="<activity><activityt...").

Source Error:

An unhandled exception was generated during the execution
of the current web request. Information regarding the
origin and location of the exception can be identified
using the exception stack trace below.

Stack Trace:


[HttpRequestValidationException (0x80004005): A
potentially dangerous Request.Form value was detected from
the client (crmFormSubmitXml="<activity><activityt...").]
   System.Web.HttpRequest.ValidateString(String s, String
valueName, String collectionName) +230
   System.Web.HttpRequest.ValidateNameValueCollection
(NameValueCollection nvc, String collectionName) +99
   System.Web.HttpRequest.get_Form() +121
   System.Web.UI.Page.GetCollectionBasedOnMethod() +70
   System.Web.UI.Page.DeterminePostBackMode() +47
   System.Web.UI.Page.ProcessRequestMain() +2106
   System.Web.UI.Page.ProcessRequest() +218
   System.Web.UI.Page.ProcessRequest(HttpContext context)
+18

System.Web.CallHandlerExecutionStep.System.Web.HttpApplicat
ion+IExecutionStep.Execute() +179
   System.Web.HttpApplication.ExecuteStep(IExecutionStep
step, Boolean& completedSynchronously) +87




-----------------------------------------------------------
---------------------
Version Information: Microsoft .NET Framework
Version:1.1.4322.535; ASP.NET Version:1.1.4322.535


0
Matt
8/26/2003 4:43:05 PM
Someone posted a workaround earlier:

Modify your web.config file.  You need  validateRequest="false" in the
<pages/> node.

Here is an example:

<system.web>
		<compilation defaultLanguage="C#" debug="false"/>
		<authentication mode="Windows"/>
		<identity impersonate="true"/>
		<pages buffer="true" enableSessionState="false"
enableViewState="false" validateRequest="false"/>
		<sessionState mode="Off"/>
	 	<customErrors mode="Off"/>
	</system.web>




"Angel" <angel@cnsi.ca> wrote in message news:<086301c36bed$590d7060$a001280a@phx.gbl>...
> Please help!
> I have Active Dir, Exchange and SQL 2000 on the same Win 
> 2000 server machine. Installed CRM OK. Made security 
> service dependent as outlined in deployment guide. Created 
> an account in CRM and can browse around, but cannot save 
> anything. The error I am getting is:
> 
> Server Error in '/' Application.
> -----------------------------------------------------------
> ---------------------
> 
> A potentially dangerous Request.Form value was detected 
> from the client 
> (crmFormSubmitXml="<activity><activityt..."). 
> Description: Request Validation has detected a potentially 
> dangerous client input value, and processing of the 
> request has been aborted. This value may indicate an 
> attempt to compromise the security of your application, 
> such as a cross-site scripting attack. You can disable 
> request validation by setting validateRequest=false in the 
> Page directive or in the configuration section. However, 
> it is strongly recommended that your application 
> explicitly check all inputs in this case. 
> 
> Exception Details: 
> System.Web.HttpRequestValidationException: A potentially 
> dangerous Request.Form value was detected from the client 
> (crmFormSubmitXml="<activity><activityt...").
> 
> Source Error: 
> 
> An unhandled exception was generated during the execution 
> of the current web request. Information regarding the 
> origin and location of the exception can be identified 
> using the exception stack trace below.  
> 
> Stack Trace: 
> 
> 
> [HttpRequestValidationException (0x80004005): A 
> potentially dangerous Request.Form value was detected from 
> the client (crmFormSubmitXml="<activity><activityt...").]
>    System.Web.HttpRequest.ValidateString(String s, String 
> valueName, String collectionName) +230
>    System.Web.HttpRequest.ValidateNameValueCollection
> (NameValueCollection nvc, String collectionName) +99
>    System.Web.HttpRequest.get_Form() +121
>    System.Web.UI.Page.GetCollectionBasedOnMethod() +70
>    System.Web.UI.Page.DeterminePostBackMode() +47
>    System.Web.UI.Page.ProcessRequestMain() +2106
>    System.Web.UI.Page.ProcessRequest() +218
>    System.Web.UI.Page.ProcessRequest(HttpContext context) 
> +18
>    
> System.Web.CallHandlerExecutionStep.System.Web.HttpApplicat
> ion+IExecutionStep.Execute() +179
>    System.Web.HttpApplication.ExecuteStep(IExecutionStep 
> step, Boolean& completedSynchronously) +87
> 
>  
> 
> 
> -----------------------------------------------------------
> ---------------------
> Version Information: Microsoft .NET Framework 
> Version:1.1.4322.535; ASP.NET Version:1.1.4322.535
0
webinstinct
8/26/2003 8:53:04 PM
I rolled back to .net framework sp2 and reinstalled CRM 
and it worked.
But I will prefer using .net framework 1.1 if possible...

>-----Original Message-----
>Someone posted a workaround earlier:
>
>Modify your web.config file.  You need  
validateRequest="false" in the
><pages/> node.
>
>Here is an example:
>
><system.web>
>		<compilation defaultLanguage="C#" 
debug="false"/>
>		<authentication mode="Windows"/>
>		<identity impersonate="true"/>
>		<pages buffer="true" 
enableSessionState="false"
>enableViewState="false" validateRequest="false"/>
>		<sessionState mode="Off"/>
>	 	<customErrors mode="Off"/>
>	</system.web>
>
>
>
>
>"Angel" <angel@cnsi.ca> wrote in message 
news:<086301c36bed$590d7060$a001280a@phx.gbl>...
>> Please help!
>> I have Active Dir, Exchange and SQL 2000 on the same 
Win 
>> 2000 server machine. Installed CRM OK. Made security 
>> service dependent as outlined in deployment guide. 
Created 
>> an account in CRM and can browse around, but cannot 
save 
>> anything. The error I am getting is:
>> 
>> Server Error in '/' Application.
>> --------------------------------------------------------
---
>> ---------------------
>> 
>> A potentially dangerous Request.Form value was detected 
>> from the client 
>> (crmFormSubmitXml="<activity><activityt..."). 
>> Description: Request Validation has detected a 
potentially 
>> dangerous client input value, and processing of the 
>> request has been aborted. This value may indicate an 
>> attempt to compromise the security of your application, 
>> such as a cross-site scripting attack. You can disable 
>> request validation by setting validateRequest=false in 
the 
>> Page directive or in the configuration section. 
However, 
>> it is strongly recommended that your application 
>> explicitly check all inputs in this case. 
>> 
>> Exception Details: 
>> System.Web.HttpRequestValidationException: A 
potentially 
>> dangerous Request.Form value was detected from the 
client 
>> (crmFormSubmitXml="<activity><activityt...").
>> 
>> Source Error: 
>> 
>> An unhandled exception was generated during the 
execution 
>> of the current web request. Information regarding the 
>> origin and location of the exception can be identified 
>> using the exception stack trace below.  
>> 
>> Stack Trace: 
>> 
>> 
>> [HttpRequestValidationException (0x80004005): A 
>> potentially dangerous Request.Form value was detected 
from 
>> the client 
(crmFormSubmitXml="<activity><activityt...").]
>>    System.Web.HttpRequest.ValidateString(String s, 
String 
>> valueName, String collectionName) +230
>>    System.Web.HttpRequest.ValidateNameValueCollection
>> (NameValueCollection nvc, String collectionName) +99
>>    System.Web.HttpRequest.get_Form() +121
>>    System.Web.UI.Page.GetCollectionBasedOnMethod() +70
>>    System.Web.UI.Page.DeterminePostBackMode() +47
>>    System.Web.UI.Page.ProcessRequestMain() +2106
>>    System.Web.UI.Page.ProcessRequest() +218
>>    System.Web.UI.Page.ProcessRequest(HttpContext 
context) 
>> +18
>>    
>> 
System.Web.CallHandlerExecutionStep.System.Web.HttpApplicat
>> ion+IExecutionStep.Execute() +179
>>    System.Web.HttpApplication.ExecuteStep
(IExecutionStep 
>> step, Boolean& completedSynchronously) +87
>> 
>>  
>> 
>> 
>> --------------------------------------------------------
---
>> ---------------------
>> Version Information: Microsoft .NET Framework 
>> Version:1.1.4322.535; ASP.NET Version:1.1.4322.535
>.
>
0
angel
8/27/2003 8:46:31 PM
Reply:

Similar Artilces:

User Clss Security
I am new to Microsoft Dynamics, and performing an evaulation using Rel.9. I am attempting to set up user class security to assign to usrs when I add them. When I set up a class for purchaing for example, selecting Windows and a series of Purchasing to allow access to the purchaing screens and save this. Then create a user and assign the class to the user I am creating, the end result when I print a security report for this user, the user has far more authorizations than the windows I granted to the Purchaning class. Authorizations include advanced security, Financials and many others. W...

Visio 2000 : Error (100)
I have Visio 2000 with the latest updates installed. My PC crashed while the visio document was open. Now when I open the document, I get an error message "An error (100) occurre during the action Open File. Visio can not open the file because it's not a Visio file." And I could not open the file. I try deleting the temperory file from the directory, dosent help. Please let me know how do I recover my currepted file. Thanks, John John, I'm sorry, but I believe that your document is no longer recoverable. There is a way to prevent this from happening in the future tho...

OAB errors
Hello, We had an issue where we had a fatal crash of the First Exchange 2003 Server, so we couldn't remove it properly. Ever since we have had issues with OAB and Sync errors. Event ID's 9333 and 9335 on the second Exchange Server. I have tried everything I can to get these to work, Rehomed the Offline Address Book default folders, the RUS, set the new server as Master, Bridgehead, etc.. Made sure that the Mailboxes object pointed to the correct OAB. The odd thing is when I open the properties of the System folders under the Public Folders object, half of them tell me ther...

Advanced Security Error
When I am in the Advanced Security form, I will select a user class (or user) and then select the "by menu" option on right of the form, I get the following error; The stored procedure WDC_Security_CloneClassEntity returned the following results: DBMS: 0, Microsoft Dynamics GP: 50403. I have search the knowledgebase and googled it and I can't find anything about how to fix this error. This error code means that it was trying to clone from an entity that did not exist in the Accelerator tables. I suggest that you Reset the Accelerator from the Advanced Security Options w...

Displaying CInternetException error in MessageBox
I have a class that deals with HTTP communication and it catches a CInternetException. I want to be able to display the exception error message in a messagebox. However for some reason I can't even get MessageBox() to work... never mind get the error message into it! I currently get the error ClientProxy.cpp(111) : error C2660: 'MessageBoxA' : function does not take 1 arguments /* CODE SNIPPET */ CATCH(CInternetException, pEx) { MessageBox("Exception"); } END_CATCH Have you tried using AfxMessageBox()? Rob "Si" wrote: > I have a class that ...

Outlook2K7/Vista & Security Certificates??
I'm using Outlook 2007 and Vista Ultimate. My AOL IMAP mail worked fine until a about a week ago. Now I get this error message: "The server you are connected to is using a security certificate cannot be verified. Do want to continue using this server" I click "Yes" and it downloads the new email, but I have to do this each time I open Outlook 2007. Anyone have any clues how to fix this? Any feedback would be greatly appreciated. Thx can you download the certificate and add it to your trusted certs? -- Diane Poremsky [MVP - Outlook] Author, Teach Yourself Outl...

Security
Now with Money 2005 it seems you are pretty much required to use an MSN Passport to take advantage of its features. This means all your financial information is somewhere on some Microsoft server. Not only some statements from a certain bank, but ALL of your info. Your checking and savings accounts, your investment and retirement accounts and all the necessary passwords to access these accounts at each particular bank. Together with individual notes you may have added to each transaction (and with the combined information of all of your accounts) anyone accessing your data gets a pr...

security setup
is there anyway to change security level of cashier by time. for example from 9am to 1 pm they have different security level and from 1 to 5 they have different. Also is there anyway to disable "tender" button on POS for all cashiers. i want to dedicate one of my machines just to make work orders so knowbody can tender amount on it. thank you Shoby, Not that I'm aware of. If you can't press the F12 Tender button, you can't save the workorder. But you can disable the Amount column in the Tender screen. When in POS, click on the bottom blank button on the le...

0x80042108 Error
I'm seeing some strange problems in Outlook 2002. I'm getting 0x80042108 errors on two of my e-mail accounts when I try to send/receive. The other 6 E-mail accounts work fine with out problems. It's always the same two accounts that are causing the problems. When I "test" they accounts from the confguration page they both work fine and are able to connect and send the test message. I've turned logging on but neighter account show up in the log file at all when I do a send/receive the other accounts are in the log file as expected. I know it is NOT a firewa...

errors
hello group I lost my main identify after i crashed outlook express sp1 and i cant get it configured . I used the configure E-Mail link but it Did not work. I get errors ox800ccc34 when outlook opens and error ox8004207 when i click receive all. Thank you ED ...

Stored Procedure Error
I tried to search CustomerSource for this error message, but I found out my maintenance agreement has expired. I am working on fixing that problem, but I hope somebody here can help me out. I am running Great Plains 8.0g34. I have one user who gets the following error when she posts a Payables Batch Entry. The stored procedure glpPostBatch returned the following results: DBMS: 0, Great Plains: 20286 Thanks for any help you can offer me. Jeff Jeff, Since it appears to be workstation specific - I assume that others can post Payables Batches without problem. You need to try to determine i...

E*Trade positions download rounding errors 2005
When I download an online "statement" from E*Trade, Money 2005 reports that most of my positions don't match the statement, and prompts me to "Add 0 shares," or "Remove 0 shares." I did convert from an earlier version of Money. Allowing money to enter these add/remove transactions does not appear to solve the problem permanently. The next online update can bring a similar report. Anyone else seeing this, with any other brokerages? On 2005-01-15, David <David@discussions.microsoft.com> wrote: > When I download an online "statement" fro...

Proper Security Settings on Exchange Install Folder?
I am trying to nail down the security of our Exchange 2003 servers before we start a mass migration off 5.5. One issue I am dealing with is securing the Exchange install directory, in my case c:\program files\exchsrvr I have a Microsoft Press Book "Secure Messaging with MS Exchange Server 2003" that talks about doing this on page 144, but the details aren't as clear as I would like them. For example, they say to remove the everyone inheritance. I don't have that. (thats not my question - but right away I'm seeing the book completely different from what I have) Th...

Windows Live Mail Sync error 0x8BAD0022
Can anyone help resolve this error? I've tried to remove and add a hotmail account, but it is not synchronizing. thanks. Is the Hotmail account accessible at ? - Mail.live.com When accessing the above were you prompted to enter a string of characters to verify the account(it sets up the account inbox on the server) ? -- ...winston ms-mvp mail "Ivanc11" <Ivanc11@discussions.microsoft.com> wrote in message news:A0B7D53C-2C63-44E3-9868-53E5288DBF33@microsoft.com... > Can anyone help resolve this error? I've tried to remove and add a hotma...

Office outlook 2003 error sending reported error(ox800cccfo)The s.
Office outlook 2003 error sending reported error(ox800cccfo)The service is currently unavailable when sending pop 3 emails. Uncheck SPA in your Mail Properties Peter "Henpie" <Henpie@discussions.microsoft.com> wrote in message news:A1394163-CE60-4B24-94D4-4C1385F79496@microsoft.com... > Office outlook 2003 error sending reported error(ox800cccfo)The service is > currently unavailable when sending pop 3 emails. SPA is not checked. I will double check this when I get home. Here is the deal I setup a pop3 accounts to be able to download and receive my webmail. Mond...

Error 2042
I am trying to use the match function within vba without using a cell. The following is how I was told to do it. I am trying to match the value of begbase (which is "10/1/97" in this case). Dim sb As Variant sb = Application.Match(begbase, Range("a2:a" & causerows)) What I get is Error 2042. I don't know what that is. Can some one either tell me what it is, or better yet, how to solve the problem? TIA Error 2042 means that the Match was not found. It's equivalent to returning #N/A when called from the worksheet. Since you're not using the match ty...

Offline Address Book Error
Dear all In my Exchange 2k3 and Exchange 5.5 environment, when a click the property of the offline address book ESM->Admin Group->Folder->offline address book->/o=domain/cn=addresslinst/cd=oabs... I receive the follwing error prompt The mail proxy for this folder can not be found. This may be due to replication delays. The mail eanbled pages will not be shown Id. no: c1038a2 And I also the follow erro in Event viewer's Application log last two day OALGen encountered an error while generating the changes.oab file for differential downloads. Clients will not be able to inc...

dbSeeChanges error with IDENTITY column
Hey there, I am getting an error on this line that says I need a dbSeeChanges with IDENTITY column Set rst = CurrentDb.OpenRecordset("dbo_ErrorLog", , dbAppendOnly) Where do I add it? I have been reading the forums and trying different things out and I am still getting this error. I set up an errorlog routine and my database errored so it went to the routine and crapped out on that line. Thanks!! -- Message posted via AccessMonster.com http://www.accessmonster.com/Uwe/Forums.aspx/access-formscoding/200912/1 "gmazza via AccessMonster.com" <u37142@u...

Business Portal HTTP Error 401.1
Hi I have just installed Business Portal 3.0 on a Windows 2003 Server (sp1) with windows share point server on a separate server. I am getting the following error message when I access from some of client PC even if log in as administrator. You do not have permission to view this directory or page using the credentials that you supplied. HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials. Internet Information Services (IIS)" But from the same client PC I can able to access site if I give the sample employee user id and password. Any one can help me to fix ...

Outlook 2000 security update
Does anyone know how to disable the Outlook 2000 security update? which one/why ? N "Jeremy" <jeremylee1975@yahoo.com> wrote in message news:01dc01c3ce3e$3509e140$a301280a@phx.gbl... > Does anyone know how to disable the Outlook 2000 security > update? ...

Sumproduct error
Hi all, I got macro below which is not working as I get error syaing "Type mismatch" and on clicking Debug button it highlights the below line c.Offset(0, 3).Value = Application.Evaluate("Sumproduct((" & RngC = .Range("E1").Value & c.Offset(0, 1).Value & c.Offset(0, -1).Value & ")*(" & RngD & "))") Please can any friend help me on this that what am I doing wrong Sub PrepBlendDataRev() Estlstcl = Sheets("Data").Cells(Rows.Count, "B").End(xlUp).Row RngC = Sheets("Data").Range(&...

941 error message
On register 1 while I have store operations open and attempt to open store manager I receive a 941 error message. I just recently replaced the dongle but this does not seem to be the fix. Store operations is not showing in evaulation mode, I only receive the 941 error message when I try to open store manager with store operations running or when I attempt to use custom buttons to settle edc transactions. Any ideas? Check the register number. makesure you dont have same register on pos and back office. -- Thank You Harjit SherGill /DBA Altaville Market 324 South Main st po box 370 A...

Error 2100
Access 2000 I am dynamicaly placing controls on a report and hiding some controls based on caculated conditions. The code is being called from Detail_Format. I have 17 information boxes where 6 can fit on one page in the following format 1 2 3 4 5 6 7 8 The situation is that the number of controls can vary anywhere from 4 to 10 per report, and the controls that are not pertinent are hidden. Here is some background pseudocode to explain if condition1 then control.top = y control.left = x if condition 2 then control.visible = false The problems I am having are these. 1) If the hidden contr...

Error in OCX
Hi, I am new to writing OCX's/windows programming but have managed to modify an existing OCX with new functionality. But when I build the OCX in release mode and try to add this OCX with a simple visual basic project, it crashes upon exiting the project. But if I build the OCX in debug mode and do the same, it does not crash. Do you have any idea, why?? Also the debug version of the OCX is having problem registering on a machine other than it was built on with an error "Debug Assertion Failed. File: oletyplb.cpp line 32". But if we build the OCX on that machine and then registe...

Default Security Roles for Canadian Payroll
It would be nice to have the same type of security roles in Version 10 when you install Canadian Payroll as you do with US payroll. Fliehigh You could probably "mimic" the same security roles for Canadian payroll, no? Best regards, -- MG.- Mariano Gomez, MIS, MCP, PMP Maximum Global Business, LLC http://www.maximumglobalbusiness.com "Fliehigh" wrote: > It would be nice to have the same type of security roles in Version 10 when > you install Canadian Payroll as you do with US payroll. > > Fliehigh No because the tasks do not mimic or relate to the US P...