Is my VIEWSTATE encrypted?
I'm a little confused. I haven't explicitly set the Web.config <pages ViewStateEncryptionMode="Always" />
, and so this MSDN page says that it should default to Auto
. This MSDN page says that Auto
should cause the viewstate information to be encrypted if a control requests encryption by calling the RegisterRequiresViewStateEncryption
method. But, none of my controls call that method. So it looks like my viewstate should, in fact, not be encrypted.
However, wh开发者_如何学编程en I copy/paste the viewstate into one of the various online viewstate decoders, I'm told that the viewstate serialized data is invalid. So, is my viewstate encrypted or not? Is there some obvious way to tell? Has the default ASP.net behaviour changed to encode the viewstate by defualt unless you disable it?
If its set to Always or auto, all control state would be encrypted.All controls calling RegisterRequiresViewStateEncryption
view state would be encrypted ir-respective of Auto/Always. If your 'custom control' needs encryption call this.
See this on MSDN
If you are developing a custom control that deals with potentially sensitive information, call the RegisterRequiresViewStateEncryption method to register the control with the page and ensure view state for the control is encrypted.
The entire page state will be encrypted if the ViewStateEncryptionMode is set to Auto or Always.
Force it on, see if you get the same error from a decoder.
Force it off, see if it now decodes.
I think that will give you the answer you're looking for.
The default settings can be found on your machine.config, which is a general super config for all your web apps. with your web.config you can overwrite it. you can open one of your website and look inside.
Here you can find the machine.config:
%WinDir%\Microsoft.NET\Framework\<FrameworkVersion>\CONFIG
精彩评论