Yesterday, April 1st, around 2:35PM Eastern, several of my web forms became extremely slow/non-responsive for a period of about 5 minutes or so. This also happened on March 14th. Since it happened so quickly, I could only do limited troubleshooting, but it seems like any of our forms that has a Radgrid became slow. One of our forms has been in use since last winter and has not been changed since last last year. Only a few hundred records exist in that database.

I tried to open the web forms in Edge, instead of Chrome, and sometimes the form would initially open. When I closed out and went back in, the form would become non-responsive. I have menus on my forms and those always loaded, but the grid did not. And then after a few minutes, everything started to work fine again.

We checked IIS and the memory seemed fine at the time of the slowness. We checked the error logs at that time of failure and did not see anything either. It was a bit tough to troubleshoot as it was relatively brief both times it happened.

Has anyone else complained about this? Maybe a recent patch could be behind this?  I'm not sure what to think/try.

I use telerik web ui  2024.1.131.45 in my asp net web app. Using Rad Image Gallery the thumbnail is not showing (see attached). Any idea why?

Thanks before

HI Guys

I was wondering if you WebForms PdfViewer can accomplish updating fillable PDF and save the data entries into a new PDF, explain

I have a fillable PDF with a few fillable textboxes, and I would like to capture the user inputs and save as a new PDF for then later continue filling the blanks loading the new saved PDF.

I've tried accomplishing the task using iTextSharp but it was not possible here is my code for reference.

string existingPdfilePath = Server.MapPath("~/export/I-693_1000_202502191951256806.pdf");
 string updatedPdfPath = Server.MapPath("~/App_Data/I-693_" + Guid.NewGuid().ToString() + ".pdf");

 using (FileStream pdfReaderStream = new FileStream(existingPdfilePath, FileMode.Open, FileAccess.Read))
            {
                using (FileStream pdfWriterStream = new FileStream(updatedPdfPath, FileMode.Create, FileAccess.Write))
                {
                    PdfReader reader = new PdfReader(pdfReaderStream);
                    PdfStamper stamper = new PdfStamper(reader, pdfWriterStream);

                    AcroFields formFields = stamper.AcroFields;
                    foreach (DictionaryEntry de in reader.AcroFields.Fields)
                    {
                        //sb.Append(de.Key.ToString() + Environment.NewLine);
                        var fullname = formFields.GetTranslatedFieldName(de.Key.ToString());
                        formFields.RenameField(fullname, Guid.NewGuid().ToString("N"));
                        if (de.Key.ToString() != fullname)
                            if (!String.IsNullOrEmpty(de.Value.ToString()))
                            {
                                if (fullname != "form1[0].#pageSet[0].Page1[9].PDF417BarCode2[0]")
                                {
                                    formFields.SetField(de.Key.ToString(), de.Value.ToString());
                                }
                            }
                    }
                    stamper.Close();
                    reader.Close();
                }

As a PDFViewer I am using the plain html embed tag

 <embed class="pdf" 
               src=
"~/Templates/I-693_100_2025045512.pdf"
            width="800" height="500" />

The user data entries vanish like a ghost, and when saving it just make a copy of the original with no captured data entries

Can your PDFViewer accomplish the task?

I am using Visual Studio 2019 c#

I have a telerik radgrid which has a column named StageStDate which is in string format but shows a date in format dd-mmm-yy. This column has filtering enabled with a date picker.

I have a hidden column named StageStartDate which is a replicate of StageStDate but is a date column and in format DD/MM/YYYY.

As StageStDate wont filter correctly as its a string format, when user select a date for this column from filter I would like the filtering to apply to the StageStartDate column, how can I achieve this please?

On ItemCommand I have changed the Pair Second to StageStartDate instead of StageStDate

but for some reason this makes the filterExpression blank.

Hi there,

I am currently trying to figure out a problem with the display of the calendar in the ASP AJAX RadDateTimePicker control. It seems like the bottom shadow of the calendar is either offset or the calendar is a little too short and causes a gap between the calendar pane and the shadow.

Even after stripping away ALL possible conflicting CSS, the above image is still what we get. I am using a standard RadDateTimePicker control without any embellishments. Literally, just:

<telerik:RadDateTimePicker ID="myID" runat="server"></telerik:RadDateTimePicker>

Has anyone seen this issue before? 

Cheers

Gareth

Hello,

I was notified that one of the sites I developed is returning a vulnerability to cross site scripting.  I have already tried many ways to correct this issue with code and content security policy changes.  I still can't get rid of this vulnerability.  We are using Progress® Telerik® UI for ASP.NET AJAX runtime version: v4.0.30319 version: 2020.1.114.45.  Can I download the trail of asp.net ajax and try that version of the treeview and see if that corrects the issue?

Issue Detail

The value of the scrollPosition JSON parameter within the ctl00_ContentPlaceHolder1_VIndex2_tvIndex_ClientState parameter is copied into the HTML document as plain text between tags. The payload sbi7s<script>alert(1)</script>tx52l was submitted in the scrollPosition JSON parameter within the ctl00_ContentPlaceHolder1_VIndex2_tvIndex_ClientState parameter. This input was echoed unmodified in the application's response.

Request

older1_VIndex2_tvIndex_ClientState=%7b%22expandedNodes%22%3a[]%2c%22collapsedNodes%22%3a[]%2c%22logEntries%22%3a[]%2c%22selectedNodes%22%3a[]%2c%22checkedNodes%22%3a[]%2c%22scrollPosition%22%3a%220**sbi7s%3cscript%3ealert(1)%3c%5c%2fscript%3etx52l**%22%7d&ctl00_RadWindowManager1_ClientState=&__ASYNCPOST=true&ctl00%24ContentPlaceHolder1%24VIndex2%24btnAddCart=Add%20To%20Cart

Response

> HTTP/2 200 OK
> Cache-Control: no-cache 
> Pragma: no-cache 
> Content-Type: text/plain; charset=utf-8 
> Expires: -1 
> Server: Microsoft-IIS/10.0 
> X-Powered-By: ASP.NET 
> X-Frame-Options: SAMEORIGIN 
> X-Ua-Compatible: IE=edge,IE=11,IE=10,IE=9,IE=8,IE=7 
> Strict-Transport-Security: max-age=31536000 
> Date: Wed, 19 Mar 2025 16:26:27 GMT 
> Content-Length: 82 
> 68|error|500|0**sbi7s<script>alert(1)</script>tx52l** is not a valid value for Int32.|

What is the best way to pinpoint this issue?  How can I look at the scrollposition and how is that causing this issue?

How do I fix this so it isn't showing up on the scans?

Thank you

We have an application that uses RadGrid and one of our clients recently performed a penetration test on our application and identified the hidden input _ClientState as a vulnerability because they were able to trigger a buffer overflow error.

Here is the relevant code from the test where ClientState=AAA repeats ...

Is there a way to prevent this from happening? Perhaps some way to set the max length for this hidden input or some other technique that we can utilize to mitigate this vulnerability?

We are using Telerik RadControls for ASP.NET Ajax.

For reference, there is another thread related to this topic (i.e., ClientState hidden field) where my colleague posted a similar question but received no response - http://www.telerik.com/forums/what-is-clientstate-input-hidden-for

Hello

we have an application that needs to be put behind a reverse proxy for security reasons. The URLs in the app all need to point to the reverse proxy URLs. However, the URLs for web resources and the dynamically generated JavaScript URLs point to the backend server, so a lot of functionality is broken. We have no possibility to modify reverse proxy rules.

Is there any way to modify or rewrite  the dynamically generated URLs and the web resource URLs ? We tried intervening the page rendering, some stuff works, but a lot of other things do not.

Thanks!