ASP.NET keeps forcing us to restart IIS

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • David Thielen
    #1

    ASP.NET keeps forcing us to restart IIS

    Hi;

    We keep having to restart IIS after ASP.NET kills it. Below is what we
    have in the event log. Any idea what the problem is?

    thanks - dave

    Event code: 3003
    Event message: A validation error has occurred.
    Event time: 6/23/2008 9:07:24 AM
    Event time (UTC): 6/23/2008 3:07:24 PM
    Event ID: 2f03e4f296b84e5 5883e2451ad8be3 bd
    Event sequence: 28
    Event occurrence: 1
    Event detail code: 0

    Application information:
    Application domain: /LM/W3SVC/134438206/Root-4-128587031812871 768
    Trust level: Full
    Application Virtual Path: /
    Application Path: C:\Inetpub\wwwr oot\store\
    Machine name: SIMBA

    Process information:
    Process ID: 2380
    Process name: w3wp.exe
    Account name: NT AUTHORITY\NETWO RK SERVICE

    Exception information:
    Exception type: HttpRequestVali dationException
    Exception message: A potentially dangerous Request.Form value was
    detected from the client
    (ctl00$ContentP laceHolder1$for mRegister$txtUs ername="<a href=
    http://effe...").

    Request information:
    Request URL: http://store.windward.net/register.aspx
    Request path: /register.aspx
    User host address: 84.16.224.91
    User:
    Is authenticated: False
    Authentication Type:
    Thread account name: NT AUTHORITY\NETWO RK SERVICE

    Thread information:
    Thread ID: 1
    Thread account name: NT AUTHORITY\NETWO RK SERVICE
    Is impersonating: False
    Stack trace: at System.Web.Http Request.Validat eString(String s,
    String valueName, String collectionName)
    at
    System.Web.Http Request.Validat eNameValueColle ction(NameValue Collection
    nvc, String collectionName)
    at System.Web.Http Request.get_For m()
    at System.Web.Http Request.get_Has Form()
    at System.Web.UI.P age.GetCollecti onBasedOnMethod (Boolean
    dontReturnNull)
    at System.Web.UI.P age.DeterminePo stBackMode()
    at System.Web.UI.P age.ProcessRequ estMain(Boolean
    includeStagesBe foreAsyncPoint, Boolean includeStagesAf terAsyncPoint)
    at System.Web.UI.P age.ProcessRequ est(Boolean
    includeStagesBe foreAsyncPoint, Boolean includeStagesAf terAsyncPoint)
    at System.Web.UI.P age.ProcessRequ est()
    at System.Web.UI.P age.ProcessRequ estWithNoAssert (HttpContext
    context)
    at System.Web.UI.P age.ProcessRequ est(HttpContext context)
    at ASP.register_as px.ProcessReque st(HttpContext context) in
    c:\WINDOWS\Micr osoft.NET\Frame work\v2.0.50727 \Temporary ASP.NET
    Files\root\f713 f0b2\5f149ca1\A pp_Web_flrms-p4.18.cs:line 0
    at
    System.Web.Http Application.Cal lHandlerExecuti onStep.System.W eb.HttpApplicat ion.IExecutionS tep.Execute()
    at System.Web.Http Application.Exe cuteStep(IExecu tionStep step,
    Boolean& completedSynchr onously)


    Custom event details:

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    _______________ _______________ _______________ ____________
    Error: 2

    Event code: 3005
    Event message: An unhandled exception has occurred.
    Event time: 6/22/2008 3:55:32 AM
    Event time (UTC): 6/22/2008 9:55:32 AM
    Event ID: 3ed9343f80c14d9 7a8000495dec6bd 87
    Event sequence: 1
    Event occurrence: 1
    Event detail code: 0

    Application information:
    Application domain: /LM/W3SVC/1/Root/vote-10-128586021323611 738
    Trust level:
    Application Virtual Path: /vote
    Application Path: c:\inetpub\wwwr oot\vote\
    Machine name: SIMBA

    Process information:
    Process ID: 2764
    Process name: w3wp.exe
    Account name: NT AUTHORITY\NETWO RK SERVICE

    Exception information:
    Exception type: HttpException
    Exception message: Server cannot access application directory
    'c:\inetpub\www root\vote\'. The directory does not exist or is not
    accessible because of security settings.

    Request information:
    Request URL: http://simba.windward.net/vote/register.aspx
    Request path: /vote/register.aspx
    User host address: 65.55.209.5
    User:
    Is authenticated: False
    Authentication Type:
    Thread account name: NT AUTHORITY\NETWO RK SERVICE

    Thread information:
    Thread ID: 7
    Thread account name: NT AUTHORITY\NETWO RK SERVICE
    Is impersonating: False
    Stack trace: at
    System.Web.Http Runtime.EnsureA ccessToApplicat ionDirectory()
    at System.Web.Http Runtime.Hosting Init(HostingEnv ironmentFlags
    hostingFlags)

    ----------------------------------------------------
    Error 3:

    Event code: 3003
    Event message: A validation error has occurred.
    Event time: 6/22/2008 11:42:27 AM
    Event time (UTC): 6/22/2008 5:42:27 PM
    Event ID: 9b7d368e50d7465 fa0192612aa200f 34
    Event sequence: 55
    Event occurrence: 2
    Event detail code: 0

    Application information:
    Application domain: /LM/W3SVC/134438206/Root-5-128585480464695 927
    Trust level: Full
    Application Virtual Path: /
    Application Path: C:\Inetpub\wwwr oot\store\
    Machine name: SIMBA

    Process information:
    Process ID: 2764
    Process name: w3wp.exe
    Account name: NT AUTHORITY\NETWO RK SERVICE

    Exception information:
    Exception type: HttpRequestVali dationException
    Exception message: A potentially dangerous Request.Form value was
    detected from the client
    (ctl00$ContentP laceHolder1$for mRegister$txtUs ername="<a href=
    http://psil...").

    Request information:
    Request URL: http://store.windward.net/register.aspx
    Request path: /register.aspx
    User host address: 84.16.224.91
    User:
    Is authenticated: False
    Authentication Type:
    Thread account name: NT AUTHORITY\NETWO RK SERVICE

    Thread information:
    Thread ID: 1
    Thread account name: NT AUTHORITY\NETWO RK SERVICE
    Is impersonating: False
    Stack trace: at System.Web.Http Request.Validat eString(String s,
    String valueName, String collectionName)
    at
    System.Web.Http Request.Validat eNameValueColle ction(NameValue Collection
    nvc, String collectionName)
    at System.Web.Http Request.get_For m()
    at System.Web.Http Request.get_Has Form()
    at System.Web.UI.P age.GetCollecti onBasedOnMethod (Boolean
    dontReturnNull)
    at System.Web.UI.P age.DeterminePo stBackMode()
    at System.Web.UI.P age.ProcessRequ estMain(Boolean
    includeStagesBe foreAsyncPoint, Boolean includeStagesAf terAsyncPoint)
    at System.Web.UI.P age.ProcessRequ est(Boolean
    includeStagesBe foreAsyncPoint, Boolean includeStagesAf terAsyncPoint)
    at System.Web.UI.P age.ProcessRequ est()
    at System.Web.UI.P age.ProcessRequ estWithNoAssert (HttpContext
    context)
    at System.Web.UI.P age.ProcessRequ est(HttpContext context)
    at ASP.register_as px.ProcessReque st(HttpContext context) in
    c:\WINDOWS\Micr osoft.NET\Frame work\v2.0.50727 \Temporary ASP.NET
    Files\root\f713 f0b2\5f149ca1\A pp_Web_flrms-p4.18.cs:line 0
    at
    System.Web.Http Application.Cal lHandlerExecuti onStep.System.W eb.HttpApplicat ion.IExecutionS tep.Execute()
    at System.Web.Http Application.Exe cuteStep(IExecu tionStep step,
    Boolean& completedSynchr onously)


    Custom event details:

    For more information, see Help and Support Center at

    ---------------------------------------
    Error 4:

    Event code: 3003
    Event message: A validation error has occurred.
    Event time: 6/22/2008 12:13:47 PM
    Event time (UTC): 6/22/2008 6:13:47 PM
    Event ID: 67a6806ac07a46d 28b25026b09d679 ee
    Event sequence: 477
    Event occurrence: 2
    Event detail code: 0

    Application information:
    Application domain:
    /LM/W3SVC/1059338337/Root/apps-2-128585473525179 216
    Trust level: Full
    Application Virtual Path: /apps
    Application Path: C:\Inetpub\wwwr oot\windwardrep orts\apps\
    Machine name: SIMBA

    Process information:
    Process ID: 2764
    Process name: w3wp.exe
    Account name: NT AUTHORITY\NETWO RK SERVICE

    Exception information:
    Exception type: HttpRequestVali dationException
    Exception message: A potentially dangerous Request.Form value was
    detected from the client
    (ctl00$ContentP laceHolder1$wiz Consult$cbNewRe leases="...r=21 5628
    <a href="http://foru...").

    Request information:
    Request URL: http://www.windwardreports.com/apps/consult.aspx
    Request path: /apps/consult.aspx
    User host address: 12.150.97.253
    User:
    Is authenticated: False
    Authentication Type:
    Thread account name: NT AUTHORITY\NETWO RK SERVICE

    Thread information:
    Thread ID: 13
    Thread account name: NT AUTHORITY\NETWO RK SERVICE
    Is impersonating: False
    Stack trace: at System.Web.Http Request.Validat eString(String s,
    String valueName, String collectionName)
    at
    System.Web.Http Request.Validat eNameValueColle ction(NameValue Collection
    nvc, String collectionName)
    at System.Web.Http Request.get_For m()
    at System.Web.Http Request.get_Has Form()
    at System.Web.UI.P age.GetCollecti onBasedOnMethod (Boolean
    dontReturnNull)
    at System.Web.UI.P age.DeterminePo stBackMode()
    at System.Web.UI.P age.ProcessRequ estMain(Boolean
    includeStagesBe foreAsyncPoint, Boolean includeStagesAf terAsyncPoint)
    at System.Web.UI.P age.ProcessRequ est(Boolean
    includeStagesBe foreAsyncPoint, Boolean includeStagesAf terAsyncPoint)
    at System.Web.UI.P age.ProcessRequ est()
    at System.Web.UI.P age.ProcessRequ estWithNoAssert (HttpContext
    context)
    at System.Web.UI.P age.ProcessRequ est(HttpContext context)
    at ASP.consult_asp x.ProcessReques t(HttpContext context) in
    c:\WINDOWS\Micr osoft.NET\Frame work\v2.0.50727 \Temporary ASP.NET
    Files\apps\8ac7 d19f\a7c0441c\A pp_Web_yaqibenw .14.cs:line 0
    at
    System.Web.Http Application.Cal lHandlerExecuti onStep.System.W eb.HttpApplicat ion.IExecutionS tep.Execute()
    at System.Web.Http Application.Exe cuteStep(IExecu tionStep step,
    Boolean& completedSynchr onously)


    Custom event details:

    For more information, see Help and Support Center at

    ------------------------------------------
    Error: 5

    Event code: 3005
    Event message: An unhandled exception has occurred.
    Event time: 6/22/2008 4:40:46 PM
    Event time (UTC): 6/22/2008 10:40:46 PM
    Event ID: a4d63ab5eb10451 0b3096559d9a27f 53
    Event sequence: 27
    Event occurrence: 2
    Event detail code: 0

    Application information:
    Application domain:
    /LM/W3SVC/1059338337/Root/vote-6-128585510226679 682
    Trust level: Full
    Application Virtual Path: /vote
    Application Path: C:\Inetpub\wwwr oot\windwardrep orts\vote\
    Machine name: SIMBA

    Process information:
    Process ID: 2764
    Process name: w3wp.exe
    Account name: NT AUTHORITY\NETWO RK SERVICE

    Exception information:
    Exception type: NullReferenceEx ception
    Exception message: Object reference not set to an instance of an
    object.

    Request information:
    Request URL: http://www.windwardreports.com/vote/captcha.aspx
    Request path: /vote/captcha.aspx
    User host address: 65.55.235.201
    User:
    Is authenticated: False
    Authentication Type:
    Thread account name: NT AUTHORITY\NETWO RK SERVICE

    Thread information:
    Thread ID: 1
    Thread account name: NT AUTHORITY\NETWO RK SERVICE
    Is impersonating: False
    Stack trace: at JpegImage.Proce ssRequest(HttpC ontext context)
    in c:\Inetpub\wwwr oot\windwardrep orts\vote\App_C ode\JpegImage.c s:line
    32
    at
    System.Web.Http Application.Cal lHandlerExecuti onStep.System.W eb.HttpApplicat ion.IExecutionS tep.Execute()
    at System.Web.Http Application.Exe cuteStep(IExecu tionStep step,
    Boolean& completedSynchr onously)


    Custom event details:

    For more information, see Help and Support Center at

    --------------------------------------
    Error: 6

    Windows cannot unload your classes registry file - it is still in use
    by other applications or services. The file will be unloaded when it
    is no longer in use.



    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.


    david@at-at-at@windward.dot .dot.net
    Windward Reports -- http://www.WindwardReports.com
    me -- http://dave.thielen.com

    Cubicle Wars - http://www.windwardreports.com/film.htm
    Tags: None
    • Steven Cheng [MSFT]
      #2
      Re: ASP.NET keeps forcing us to restart IIS

      Thanks for your reply Dave,

      I think the fact is that the validation is more restricted on input data
      from end user since that's the biggest surface for external
      attack(maliciou s code maybe injected within data input). For Label
      control, since it display data from our internal data, generally it will
      expect those data to be valid or depend on our application's validatio
      policy(whether we'll encode all output or not...). Label control is
      supportting direct html output. For output that need to be restricted, the
      Literal control provide more flexible settings.

      Sincerely,

      Steven Cheng
      Microsoft MSDN Online Support Lead


      Delighting our customers is our #1 priority. We welcome your comments and
      suggestions about how we can improve the support we provide to you. Please
      feel free to let my manager know what you think of the level of service
      provided. You can send feedback directly to my manager at:
      msdnmg@microsof t.com.

      =============== =============== =============== =====
      Get notification to my posts through email? Please refer to
      Microsoft Learn: Build skills that open doors in your career
      http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
      Gain technical skills through documentation and training, earn certifications and connect with the community

      ications.

      =============== =============== =============== =====
      This posting is provided "AS IS" with no warranties, and confers no rights.
      --------------------
      >From: David Thielen <thielen@nospam .nospam>
      >Subject: Re: ASP.NET keeps forcing us to restart IIS
      >Date: Fri, 27 Jun 2008 10:03:27 -0600
      >
      >Hi;
      >
      >A follow-up question. Why doesn't the Label control have a property
      >where it will HtmlEncode all text making the control safe?
      >
      >thanks - dave
      >
      >
      >On Fri, 27 Jun 2008 06:18:58 GMT, stcheng@online. microsoft.com (Steven
      >Cheng [MSFT]) wrote:
      >
      >>Hi Dave,
      >>
      >>Yes, as Bruce has mentioned, the error entry indicate that the posted
      form
      >>data contains illegal characters(such as markup...) which should be
      >>prevented in html form input. Is such input really expected for your
      >>ASP.NET page? If so, you can try turn off request in @page directive:
      >>
      >>#ASP.NET Request Validation and Cross-Site Scripting
      >>http://weblogs.asp.net/shankun/archi.../02/82534.aspx
      >>
      >>#Request Validation - Preventing Script Attacks
      >>http://www.asp.net/learn/whitepapers...st-validation/
      >>
      >>Or if you do want to prevent this in page, as Bruce suggested, the best
      >>place is validate the input at client-side.
      >>
      >>Sincerely,
      >>
      >>Steven Cheng
      >>
      >>Microsoft MSDN Online Support Lead
      >
      >
      >david@at-at-at@windward.dot .dot.net
      >Windward Reports -- http://www.WindwardReports.com
      >me -- http://dave.thielen.com
      >
      >Cubicle Wars - http://www.windwardreports.com/film.htm
      >

        Comment

        • David Thielen
          #3
          Re: ASP.NET keeps forcing us to restart IIS

          Anyone with a suggested regexp that will allow any common text
          including CJK, hebrew, & arabic?

          On Fri, 27 Jun 2008 09:55:45 -0600, David Thielen
          <thielen@nospam .nospamwrote:
          >Hi;
          >
          >Thank you guys - I just assumed everyone handled this properly in the
          >code behind so I never thought that a page level check was needed. But
          >according to the posts, this is needed.
          >
          >So... to keep life simple and have a nicer error message, does anyone
          >know what regexp to use to disallow the characters this tests for?
          >I'll just put that against our text fields like name, etc - because a
          >name can be in Chinese and therefore [A-Z] won't cut it. I figure the
          >safe way is to say anything except the disallowed letters.
          >
          >thanks - dave

          david@at-at-at@windward.dot .dot.net
          Windward Reports -- http://www.WindwardReports.com
          me -- http://dave.thielen.com

          Cubicle Wars - http://www.windwardreports.com/film.htm

            Comment

            • David Thielen
              #4
              Re: ASP.NET keeps forcing us to restart IIS

              That makes sense - thanks


              On Mon, 30 Jun 2008 03:47:54 GMT, stcheng@online. microsoft.com (Steven
              Cheng [MSFT]) wrote:
              >Thanks for your reply Dave,
              >
              >I think the fact is that the validation is more restricted on input data
              >from end user since that's the biggest surface for external
              >attack(malicio us code maybe injected within data input). For Label
              >control, since it display data from our internal data, generally it will
              >expect those data to be valid or depend on our application's validatio
              >policy(wheth er we'll encode all output or not...). Label control is
              >supportting direct html output. For output that need to be restricted, the
              >Literal control provide more flexible settings.
              >
              >Sincerely,
              >
              >Steven Cheng
              >Microsoft MSDN Online Support Lead
              >
              >
              >Delighting our customers is our #1 priority. We welcome your comments and
              >suggestions about how we can improve the support we provide to you. Please
              >feel free to let my manager know what you think of the level of service
              >provided. You can send feedback directly to my manager at:
              >msdnmg@microso ft.com.
              >
              >============== =============== =============== ======
              >Get notification to my posts through email? Please refer to
              >http://msdn.microsoft.com/subscripti...ult.aspx#notif
              >ications.
              >
              >============== =============== =============== ======
              >This posting is provided "AS IS" with no warranties, and confers no rights.
              >--------------------
              >>From: David Thielen <thielen@nospam .nospam>
              >>Subject: Re: ASP.NET keeps forcing us to restart IIS
              >>Date: Fri, 27 Jun 2008 10:03:27 -0600
              >
              >>
              >>Hi;
              >>
              >>A follow-up question. Why doesn't the Label control have a property
              >>where it will HtmlEncode all text making the control safe?
              >>
              >>thanks - dave
              >>
              >>
              >>On Fri, 27 Jun 2008 06:18:58 GMT, stcheng@online. microsoft.com (Steven
              >>Cheng [MSFT]) wrote:
              >>
              >>>Hi Dave,
              >>>
              >>>Yes, as Bruce has mentioned, the error entry indicate that the posted
              >form
              >>>data contains illegal characters(such as markup...) which should be
              >>>prevented in html form input. Is such input really expected for your
              >>>ASP.NET page? If so, you can try turn off request in @page directive:
              >>>
              >>>#ASP.NET Request Validation and Cross-Site Scripting
              >>>http://weblogs.asp.net/shankun/archi.../02/82534.aspx
              >>>
              >>>#Request Validation - Preventing Script Attacks
              >>>http://www.asp.net/learn/whitepapers...st-validation/
              >>>
              >>>Or if you do want to prevent this in page, as Bruce suggested, the best
              >>>place is validate the input at client-side.
              >>>
              >>>Sincerely,
              >>>
              >>>Steven Cheng
              >>>
              >>>Microsoft MSDN Online Support Lead
              >>
              >>
              >>david@at-at-at@windward.dot .dot.net
              >>Windward Reports -- http://www.WindwardReports.com
              >>me -- http://dave.thielen.com
              >>
              >>Cubicle Wars - http://www.windwardreports.com/film.htm
              >>

              david@at-at-at@windward.dot .dot.net
              Windward Reports -- http://www.WindwardReports.com
              me -- http://dave.thielen.com

              Cubicle Wars - http://www.windwardreports.com/film.htm

                Comment

                • Norm
                  #5
                  Re: ASP.NET keeps forcing us to restart IIS

                  On Jun 30, 9:17 am, David Thielen <thie...@nospam .nospamwrote:
                  Anyone with a suggested regexp that will allow any common text
                  including CJK, hebrew, & arabic?
                  >
                  On Fri, 27 Jun 2008 09:55:45 -0600, David Thielen
                  >
                  <thie...@nospam .nospamwrote:
                  Hi;
                  >
                  Thank you guys - I just assumed everyone handled this properly in the
                  code behind so I never thought that a page level check was needed. But
                  according to the posts, this is needed.
                  >
                  So... to keep life simple and have a nicer error message, does anyone
                  know what regexp to use to disallow the characters this tests for?
                  I'll just put that against our text fields like name, etc - because a
                  name can be in Chinese and therefore [A-Z] won't cut it. I figure the
                  safe way is to say anything except the disallowed letters.
                  >
                  thanks - dave
                  >
                  david@at-at...@windward. dot.dot.net
                  Windward Reports --http://www.WindwardRep orts.com
                  me --http://dave.thielen.co m
                  >
                  Cubicle Wars -http://www.windwardrep orts.com/film.htm
                  "[^><]*" should work. (Just off the top of my head so test,test,test! )

                  Also, the HttpRequestVali dationException only accounts for half of the
                  errors in that list. Having to restart IIS is a separate issue. Quick
                  guess: Rapid-fail settings on the application pool.

                    Comment

                    • David Thielen
                      #6
                      Re: ASP.NET keeps forcing us to restart IIS

                      that worked great - thanks - dave

                      On Mon, 30 Jun 2008 10:08:05 -0700 (PDT), Norm <neonorm@gmail. com>
                      wrote:

                      ....
                      >"[^><]*" should work. (Just off the top of my head so test,test,test! )

                      david@at-at-at@windward.dot .dot.net
                      Windward Reports -- http://www.WindwardReports.com
                      me -- http://dave.thielen.com

                      Cubicle Wars - http://www.windwardreports.com/film.htm

                        Comment

                        Previous template Next
                        Working...