开发者

Meet with error -- "Updates are currently disallowed on GET requests"

I am using SharePoint Server 2007 Enterprise with Windows Server 2008 Enterprise. I have deployed a publishing portal. I am developing a ASP.Net web application using VSTS 2008 + C# + .Net 3.5 + ASP.Net + SharePoint Server 2007 SDK.

Here is my code snippets and I got error -- "Updates are currently disallowed on GET requests". Any ideas how to fix?

Microsoft.SharePoint.SPException: Updates are currently disallowed on GET requests. To allow updates on a GET, set the 'AllowUnsafeUpdates' property on SPWeb.

        protected void Page_Load(object sender, EventArgs e)
        {
            try
            {
                SPWebApplication webApp = SPContext.Current.Site.WebApplication;
                SPSiteCollection siteCollections = webApp.Sites;
              开发者_C百科  foreach (SPSite item in siteCollections)
                {
                    SPWeb webItem = item.OpenWeb();
                    webItem.AllowUnsafeUpdates = true;
                }

                SPSite newSiteCollection = siteCollections.Add("sites/myblog",
                    "New Sample Site", "New Sample Site Description", 1033, "BLOG#0",
                    "foo\\foouser", "Owner name", "owneremail@foo.com");
            }
            catch (Exception ex)
            {
                Response.Write(ex.ToString() + "\t" + ex.StackTrace);
            }
        }


The problem why you are not allowed to read/write to database on GET request is because your code will be exploitable via a cross-site scripting. Read about AllowUnsafeUpdates consequences here.

Anyway, if you like, you can set this SPWeb.AllowUnsafeUpdates to true, but use it like this:

try {
  web.AllowUnsafeUpdates = true;
  ...
}
finally {
  web.AllowUnsafeUpdates = false;
}


Add a check to ensure that you are getting a POST instead of a GET before you attempt to allow updates. Make sure that whatever is making the change does it via a POST request rather than using URL parameters and a GET.

if (IsPostBack)
{
   ...
}
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜