62,046
社区成员
发帖
与我相关
我的任务
分享高分请教 - Padding is invalid and cannot be removed.
最近网站不停的报 同一个错误
QueryString:d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108
Form:
Path: /GolfLive/WebResource.axd
Padding is invalid and cannot be removed.
at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo)
at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType)
at System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
我在网上搜了一下,有人说是搜索引擎导致的,但是这个网站是内网里跑的,所以可以排除。
另外iis的log里面有一些有意思的东东。
2010-07-01 13:04:43 10.170.10.76 GET /GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 200 0 0
2010-07-01 14:43:53 10.170.10.76 GET /GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 200 0 0
2010-07-01 16:24:05 10.170.10.76 GET /GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 200 0 0
2010-07-01 17:25:02 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 17:26:01 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 17:26:10 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 17:26:13 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 200 0 0
2010-07-01 17:26:31 10.170.10.76 GET /GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 17:26:36 10.170.10.76 GET /GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 200 0 0
2010-07-01 20:46:09 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 20:46:16 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 20:46:39 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 20:49:09 10.170.10.76 GET /GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 200 0 0
对同一个地址(/GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108)的访问会导致 时好时坏。
请高手帮忙了!!!
QueryString:d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108
Form:
Path: /GolfLive/WebResource.axd
Padding is invalid and cannot be removed.
at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo)
at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType)
at System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
我在网上搜了一下,有人说是搜索引擎导致的,但是这个网站是内网里跑的,所以可以排除。
另外iis的log里面有一些有意思的东东。
2010-07-01 13:04:43 10.170.10.76 GET /GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 200 0 0
2010-07-01 14:43:53 10.170.10.76 GET /GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 200 0 0
2010-07-01 16:24:05 10.170.10.76 GET /GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 200 0 0
2010-07-01 17:25:02 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 17:26:01 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 17:26:10 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 17:26:13 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 200 0 0
2010-07-01 17:26:31 10.170.10.76 GET /GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 17:26:36 10.170.10.76 GET /GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 200 0 0
2010-07-01 20:46:09 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 20:46:16 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 20:46:39 10.170.10.76 GET /GolfLive/WebResource.axd d=j4DOYsiFjROj6zvejyEvzg2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 302 0 0
2010-07-01 20:49:09 10.170.10.76 GET /GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108 80 - 10.170.12.79 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+MS-RTC+LM+8;+.NET+CLR+3.0.04506.648;+InfoPath.2;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+MS-RTC+EA+2) 200 0 0
对同一个地址(/GolfLive/WebResource.axd d=JAR4rs8isuk1nelnj100TQ2&t=634120854477101108)的访问会导致 时好时坏。
请高手帮忙了!!!
...全文
请发表友善的回复…
发表回复
段传涛 2010-07-14
- 打赏
- 举报
o congratulations !
段传涛 2010-07-14
- 打赏
- 举报
一般是 引用问题
我的个别重新在自定义控件时老出现这样的。 你可以重点检查
我的个别重新在自定义控件时老出现这样的。 你可以重点检查
laughingrat 2010-07-14
- 打赏
- 举报
早上11点前 结贴
回帖者有分!!!
回帖者有分!!!
zhengqian529 2010-07-14
- 打赏
- 举报
这个问题确实只有清晰了解你所有的设置才能解决。
恭喜LZ这么快解决了。 JF
恭喜LZ这么快解决了。 JF
laughingrat 2010-07-14
- 打赏
- 举报
所以 我在 web.config 里面 加上一个 <machinekey> tag, 例子如下:
<system.web>
<machineKey
validationKey="855EF551DE4E9ACC3F5A119E839883EC5A293D2581BCFE211573A0CE628C33EB677E8497ED5F1E892C7106151FDA3F432434A69563AC51819FD20BDF39911BA0"
decryptionKey="DD27E852FD77F8A62EDD470FBDD7D480AF10A40ABFB1039C1893CA4C3803D054"
validation="SHA1" />
<trust level="Full"/>
…
</system.web>
machinekey 可以自己找 工具生成,网上有很多例子, 我就捕猎绝了!!
<system.web>
<machineKey
validationKey="855EF551DE4E9ACC3F5A119E839883EC5A293D2581BCFE211573A0CE628C33EB677E8497ED5F1E892C7106151FDA3F432434A69563AC51819FD20BDF39911BA0"
decryptionKey="DD27E852FD77F8A62EDD470FBDD7D480AF10A40ABFB1039C1893CA4C3803D054"
validation="SHA1" />
<trust level="Full"/>
…
</system.web>
machinekey 可以自己找 工具生成,网上有很多例子, 我就捕猎绝了!!
laughingrat 2010-07-14
- 打赏
- 举报
ok, 今天 support给我的反馈是 问题已经 解决了。 这里我把解决的方案放出来。 希望对大家有帮助
Depending on how busy is your web server you can see them appear from time to time or up to every few minutes, thus filling your EventLog and being from a light annoyance up to a real problem (depending on how hypochondriac you are).
In fact, they are just warnings that can be ignored on most of the cases, but they can be a real problem when they bury other events and the forest do not let you see the trees. If there are many of them and you want to get rid of them (or most of them at least), keep on reading.
You might check your IIS Log by the times when the warnings appear and (if you also log user-agent) you will probably see that most of the time the URL is NOT requested by a real user, but a spider engine doing its crawl (googlebot, msnbot, yahoo, tahoma, or any other). You can double check doing a reverse dns check for the offending IP address doing a ping –a aaa.bbb.ccc.ddd and you will also see the IP resolves to something like *.googlebot.com, *.search.msn.com, *.crawl.yahoo.net or *.ask.com. This should give you a hint on what to do…
WebResource.axd is just an httpHandler that wraps several resources within the same DLL. It is in charge of returning from little .gif files for serving the arrows of the ASP:Menu control, to .js files governing the behavior of the menu itself. Even though your website do not use ASP:Menu control, you probably will be using WebResource.axd for javascript dealing the post back of your form or any other thing.
Why does this exception happen?
If you see in detail the parameters following the WebResource.axd request you will notice two of them. The first one d refers to a particular resource embedded in the httpHandler DLL. It is a fixed value as long as the source DLL is not updated or recompiled. The second t parameter is a timestamp parameter that changes whenever the web application (AppPool) is recompiled (a changed/updated DLL, an update to web.config, and so) and depends on the machineKey of the web site. If web.config does not explicitly declare a fixed machineKey, the t parameter will change from time to time (restarts, job recycles, etc).
In fact these CryptographicException warnings are well known in web farms configurations. In that case, all the servers belonging to the same farm must have the same machineKey because if a served page (.aspx container page) by a particular server of the farm includes a value of t parameter and the subsequent request for that URL resource is handled by other server of the farm, the exception would arise and the user could not download the resource. And, in this case we would be talking about real browsers with real users behind them, not spider engines.
Furthermore, if you have implemented a conditional GET in your webserver, this exception is more likely to happen, since a user can come back to your site, do a request for a page that has not changed, being returned a 304 Not Modified, and still request the resources included in that page, that might be invalid due to the change of t.
The solution: two steps.
As you can imagine, the first thing that you can do is setting a fixed machineKey in your web.config file. Even though you are not running a cluster, nor a web farm, it will help you to minimize the occurrences of the warning Padding is invalid and cannot be removed.
For this you can use a machineKey generator or generate your own if you know how to do it (random chars will not work).
<system.web>
<machineKey
validationKey='A06BDCF2F6CF.A.VERY.LONG.44F13E76184945A7C477601'
decryptionKey='99079B21C2F3644.A.BIT.SHORTER.BB81C7E9D58378'
validation='SHA1'/>
</system.web>
The second (and easier) step to follow is to prevent WebResource.axd URLs from being requested as much as possible. In particular by search engines crawlers or bots, since those resources should not be indexed nor cached in any way by them. Those URLs are not real content to be indexed. If you only add the following lines to your robots.txt you will see how the frequency of CryptographicException is reduced drastically. If you also change the machineKey to a static value, you will get rid of them almost completely.
User-agent: *
Disallow: /WebResource.axd
As I said, you will get rid of this warning almost completely. There might be search engines not following your robots.txt policies, users visiting you from a Google cached page version, etc. so you cannot get rid of this warning messages for good, but yet enough for not being a problem anymore.
Depending on how busy is your web server you can see them appear from time to time or up to every few minutes, thus filling your EventLog and being from a light annoyance up to a real problem (depending on how hypochondriac you are).
In fact, they are just warnings that can be ignored on most of the cases, but they can be a real problem when they bury other events and the forest do not let you see the trees. If there are many of them and you want to get rid of them (or most of them at least), keep on reading.
You might check your IIS Log by the times when the warnings appear and (if you also log user-agent) you will probably see that most of the time the URL is NOT requested by a real user, but a spider engine doing its crawl (googlebot, msnbot, yahoo, tahoma, or any other). You can double check doing a reverse dns check for the offending IP address doing a ping –a aaa.bbb.ccc.ddd and you will also see the IP resolves to something like *.googlebot.com, *.search.msn.com, *.crawl.yahoo.net or *.ask.com. This should give you a hint on what to do…
WebResource.axd is just an httpHandler that wraps several resources within the same DLL. It is in charge of returning from little .gif files for serving the arrows of the ASP:Menu control, to .js files governing the behavior of the menu itself. Even though your website do not use ASP:Menu control, you probably will be using WebResource.axd for javascript dealing the post back of your form or any other thing.
Why does this exception happen?
If you see in detail the parameters following the WebResource.axd request you will notice two of them. The first one d refers to a particular resource embedded in the httpHandler DLL. It is a fixed value as long as the source DLL is not updated or recompiled. The second t parameter is a timestamp parameter that changes whenever the web application (AppPool) is recompiled (a changed/updated DLL, an update to web.config, and so) and depends on the machineKey of the web site. If web.config does not explicitly declare a fixed machineKey, the t parameter will change from time to time (restarts, job recycles, etc).
In fact these CryptographicException warnings are well known in web farms configurations. In that case, all the servers belonging to the same farm must have the same machineKey because if a served page (.aspx container page) by a particular server of the farm includes a value of t parameter and the subsequent request for that URL resource is handled by other server of the farm, the exception would arise and the user could not download the resource. And, in this case we would be talking about real browsers with real users behind them, not spider engines.
Furthermore, if you have implemented a conditional GET in your webserver, this exception is more likely to happen, since a user can come back to your site, do a request for a page that has not changed, being returned a 304 Not Modified, and still request the resources included in that page, that might be invalid due to the change of t.
The solution: two steps.
As you can imagine, the first thing that you can do is setting a fixed machineKey in your web.config file. Even though you are not running a cluster, nor a web farm, it will help you to minimize the occurrences of the warning Padding is invalid and cannot be removed.
For this you can use a machineKey generator or generate your own if you know how to do it (random chars will not work).
<system.web>
<machineKey
validationKey='A06BDCF2F6CF.A.VERY.LONG.44F13E76184945A7C477601'
decryptionKey='99079B21C2F3644.A.BIT.SHORTER.BB81C7E9D58378'
validation='SHA1'/>
</system.web>
The second (and easier) step to follow is to prevent WebResource.axd URLs from being requested as much as possible. In particular by search engines crawlers or bots, since those resources should not be indexed nor cached in any way by them. Those URLs are not real content to be indexed. If you only add the following lines to your robots.txt you will see how the frequency of CryptographicException is reduced drastically. If you also change the machineKey to a static value, you will get rid of them almost completely.
User-agent: *
Disallow: /WebResource.axd
As I said, you will get rid of this warning almost completely. There might be search engines not following your robots.txt policies, users visiting you from a Google cached page version, etc. so you cannot get rid of this warning messages for good, but yet enough for not being a problem anymore.
laughingrat 2010-07-12
- 打赏
- 举报
我们的产品是 b/s的,但不是公网的,是局域网内的。所以目前只知道一个客户 有这个问题。
lester19872007 2010-07-10
- 打赏
- 举报
[Quote=引用 11 楼 laughingrat 的回复:]
跟服务器环境会有关系,不过我没有办法直接操作服务器,所以只能等support的反馈了。
[/Quote]
只有你的这一个网站出问题?还是其他的网站都出问题了?
跟服务器环境会有关系,不过我没有办法直接操作服务器,所以只能等support的反馈了。
[/Quote]
只有你的这一个网站出问题?还是其他的网站都出问题了?
lester19872007 2010-07-09
- 打赏
- 举报
你在你的服务器上多发布两个网站试试,看看是只有你这个网站出现问题,还是其他的网站也出现这样的问题,来排除是你的程序自身的问题还是 服务器的问题!
lester19872007 2010-07-09
- 打赏
- 举报
给你个建议,重新配置你的服务器环境,有可能是你的服务器环境出了问题。
凤凰涅檠 2010-07-09
- 打赏
- 举报
友情帮顶
laughingrat 2010-07-09
- 打赏
- 举报
跟服务器环境会有关系,不过我没有办法直接操作服务器,所以只能等support的反馈了。
yypf2540017 2010-07-08
- 打赏
- 举报
http://blog.csdn.net/leoylw/archive/2009/04/18/4090040.aspx
laughingrat 2010-07-08
- 打赏
- 举报
版本是2.0的,应该没有问题。
而且这个问题不是每一次都会出现, 是点几次后出现一次。 郁闷
而且这个问题不是每一次都会出现, 是点几次后出现一次。 郁闷
lowtemper 2010-07-08
- 打赏
- 举报
检查一下iis server的framework版本和开发环境的framework版本是否一致
laughingrat 2010-07-08
- 打赏
- 举报
只能自己顶一下了
laughingrat 2010-07-08
- 打赏
- 举报
[Quote=引用 6 楼 zmm12 的回复:]
个人认为,找一下你当时设置的变量是不是在声明时写成静态的了,或者在每次用的时候都实例化一下
[/Quote]
应该不是这个问题,因为这个报错信息,不是从我写的代码里抛出来的。
个人认为,找一下你当时设置的变量是不是在声明时写成静态的了,或者在每次用的时候都实例化一下
[/Quote]
应该不是这个问题,因为这个报错信息,不是从我写的代码里抛出来的。
laughingrat 2010-07-08
- 打赏
- 举报
在国外网站上找了一篇文章,先试试,希望能解决。
zmm12 2010-07-08
- 打赏
- 举报
个人认为,找一下你当时设置的变量是不是在声明时写成静态的了,或者在每次用的时候都实例化一下
laughingrat 2010-07-08
- 打赏
- 举报
[Quote=引用 4 楼 yypf2540017 的回复:]
http://blog.csdn.net/leoylw/archive/2009/04/18/4090040.aspx
[/Quote]
不过和我的问题不太一样,首先是 这个报错不是每次都有, 而是偶尔出现,这就基本上排除了是iis和web.config的配置问题。
http://blog.csdn.net/leoylw/archive/2009/04/18/4090040.aspx
[/Quote]
不过和我的问题不太一样,首先是 这个报错不是每次都有, 而是偶尔出现,这就基本上排除了是iis和web.config的配置问题。
