You are viewing limited content. For full access, please sign in.

Question

Question

When trying to pass a value through a note in Forms, if there is a carriage return the Form won't load

Laserfiche Forms
Updated July 14, 2016
asked on July 6, 2016 Show version history

Hello,

 

I have a user who in an older version of Forms used to pass a notes field. The field contained carriage returns, so they had to go into the html and wrap a <pre> tag around the notes field. This allowed the carriage returns to be translated correctly and they were able to pass the value without it causing an error. In the new version, I’m not able to do this. Every time a note has a carriage return, it won’t load the form. Is there any insight that may be able to be shed on this?

 

Thanks!

1 0

Replies

replied on July 7, 2016

Can you give more detail for your issue? How did you pass the notes field? In one form you have a notes field and in another form you use the value of notes field as default value for another field? And can you give sample for the value you entered that will cause the form not load. Please check whether there is any error on the Forms server event logs when the form is not load. You can get it from Event Viewer->Applications and Services Logs->LFForms.

0 0
replied on July 7, 2016

Hello,

 

One of their forms is sending a link to another form and the notes variable is in the link. When there is a carriage return, it is processed as a <br>. When the <br> is in a web address, it can’t process it and it will error when the user clicks on the link. If the users take out the <br> in the address line the form loads. This of course is not a solution. They have tried a fix that previously worked in version 9, that being, (wrapping the notes variable in a <pre>) but this does not work. When users click on the link in the email, it brings them to a page ( Screen shot attached). The user states that there are no errors or warnings on the server. They believe it to be an HTML issue.

Thanks!

 

2016-07-07 09_32_59-http___forms.amaisd.org_Forms_ProfPAF_ID=18260&AppID=18260&Cluster=Tascosa&Posit.jpg
2016-07-07 09_32_59-http___forms.amaisd.org_Forms_ProfPAF_ID=18260&AppID=18260&Cluster=Tascosa&Posit.jpg (17.15 KB)
Download
0 0
replied on July 7, 2016 Show version history

Can you give an example for the link in the email? The full link of something like http://forms.amaisd.org/forms?ProfPAF_ID=18260&ApppID=18620&Cluster=Tascosa

0 0
replied on July 8, 2016
0 0
replied on July 11, 2016

Hi Charles, I checked with same value for Notes field and the form can be successfully loaded for Forms 10.0 and Forms 10.1.  Can you check from Windows Logs ->Application whether there are warning message from ASP.NET when fail to load the form. Also you can check what error you get when you open following link from the Forms server directly:

http://localhost/Forms/ProfPAF?ID=18260&AppID=18260&Cluster=Tascosa&PositionType=Existing&ApprovedRequisition=&ReplacedEmplid=014380&CurrentEmployee=No&CurrentEmplid=&Notes=31%20years%20of%20experience%20coming%20from%20Bushland%20ISD%3Cbr%3ECertified%201-8%20SC,%20EC,%20ESL%20PK-8

0 0
replied on July 11, 2016

Hi Xiuhong,

Sure not a problem, I will check in with the end user and let you know what I find.

 

Thanks!

0 0
replied on July 13, 2016

Hello Xiuhong,

 

Below is the information regarding the error's you requested:

 

Event code: 3003

Event message: A validation error has occurred.

Event time: 07/12/2016 4:33:02 PM

Event time (UTC): 07/12/2016 9:33:02 PM

Event ID: bfcbac1af841484985a20ed86044dd17

Event sequence: 6902

Event occurrence: 4

Event detail code: 0

 

Application information:

    Application domain: /LM/W3SVC/1/ROOT/Forms-1-131127976047076453

    Trust level: Full

    Application Virtual Path: /Forms

    Application Path: C:\Program Files\Laserfiche\Laserfiche Forms\Forms\

    Machine name: ESCLFWEB

 

Process information:

    Process ID: 4032

    Process name: w3wp.exe

    Account name: AISD\laserfiche

 

Exception information:

    Exception type: HttpRequestValidationException

    Exception message: A potentially dangerous Request.QueryString value was detected from the client (Notes="...shland ISD<br>Certified 1-8 SC...").

   at System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection)

   at System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection)

   at System.Web.HttpRequest.get_QueryString()

   at System.Web.HttpRequest.get_Item(String key)

   at E_Forms.MvcApplication.Application_AcquireRequestState(Object sender, EventArgs e)

   at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

 

 

 

Request information:

    Request URL: http://forms.amaisd.org/Forms/ProfPAF?ID=18260&AppID=18260&Cluster=Tascosa&PositionType=Existing&ApprovedRequisition=&ReplacedEmplid=014380&CurrentEmployee=No&CurrentEmplid=&Notes=31 years of experience coming from Bushland ISD<br>Certified 1-8 SC, EC, ESL PK-8

    Request path: /Forms/ProfPAF

    User host address: 10.199.33.69

    User: AISD\laserfiche

    Is authenticated: True

    Authentication Type: LaserficheForms

    Thread account name: AISD\laserfiche

 

 

This is the error the server gets when I try to load the link. It is a different message than what the user sees:

Server Error in '/Forms' Application.

A potentially dangerous Request.QueryString value was detected from the client (Notes="...shland ISD<br>Certified 1-8 SC...").

Description: ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. The data might represent an attempt to compromise the security of your application, such as a cross-site scripting attack. If this type of input is appropriate in your application, you can include code in a web page to explicitly allow it. For more information, see http://go.microsoft.com/fwlink/?LinkID=212874

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.QueryString value was detected from the client (Notes="...shland ISD<br>Certified 1-8 SC...").

Source Error: 

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.


Stack Trace: 

 

[HttpRequestValidationException (0x80004005): A potentially dangerous Request.QueryString value was detected from the client (Notes="...shland ISD<br>Certified 1-8 SC...").]

   System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) +12689689

   System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection) +203

   System.Web.HttpRequest.get_QueryString() +97

   System.Web.HttpRequest.get_Item(String key) +20

   E_Forms.MvcApplication.Application_AcquireRequestState(Object sender, EventArgs e) +275

   System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +80

   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +165

 

Thank You

0 0
replied on July 14, 2016

You can follow http://stackoverflow.com/questions/2673850/validaterequest-false-doesnt-work-in-asp-net-4 to change the request mode to make it work.

0 0
replied on July 14, 2016

Thanks Xiuhong,

 

I will have the user look into doing this.

 

Thank You!

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Attachments
Related Posts
Loading ...