Hidden input types get's created in ASP.net at RUN time

For some reason I开发者_开发百科 have noticed that at run time when looking at my source of my ASP.NET page there are tags being created.

<input type="hidden" name="_VIEWSTATE" id="_viewstate" value="..lots of text.." />

and

<input type="hidden" name="_EVENTVALIDATION" id="_EVENTVALIDATION" value="..lots of text.." />

1. Why is this and what is it for?
2. How can I make sure that these are not created?

Thanks in advance!

Chances are that you don't want to get rid of either one of them.

_VIEWSTATE hidden field is used to store the encoded value of ASP.NET WebForms ViewState. If a normal WebForm-style development (as opposed to MVC) you use ViewState all the time when you do things like string someText = TextBox1.Text in your code behind; or when you execute a PostBack and all the textbox, checkbox, dropdown values are preserved without you having to do anything - that's all features of ViewState. It's very convenient and pretty much a standard practice for ASP.NET WebForms. You can disable ViewState per page using EnableViewState property inside the '@Page` directive. I would assume you don't want to do it, though as you will probably notice a lot of things not working all of a sudden.

_EVENTVALIDATION is part of ASP.NET Event Validation scheme - this also can be disabled in the @Page directive (I believe the property is EnableEventValidation) but I can't imagine why you'd want to do it.

The _EVENTVALIDATION control validates postbacks to reduce the risk of unauthorized postback requests and callbacks. You can disable this by setting

<pages enableEventValidation="false"> 

setting in web.config (or setting

EnableEventValidation="false" in @Page directive) but is not recommended!