Dear all,
I have an asp.net webapp (4.0) using the RadGrid. It works as expected. But after deploying to live system, the filter does not work anymore. On our live system we have a Web Application Firewall (WAF) which checks for some security problems. One rule (set up by our Headquarter) is to deny values like semi-colon and "and" in the same line, e.g. a filter like " a; and b" results in a denial message from the WAF. As said, it's setup by Headquarter so I could not discuss that.
Now I have the problem that even a filter like "a and b" would not work. It's still denied for security reasons. I've checked the post and saw that "__EVENTARGUMENT
Is there any way to get the semi-colons removed or replaced in the __EVENTARGUMENT?
Thanks!
I have an asp.net webapp (4.0) using the RadGrid. It works as expected. But after deploying to live system, the filter does not work anymore. On our live system we have a Web Application Firewall (WAF) which checks for some security problems. One rule (set up by our Headquarter) is to deny values like semi-colon and "and" in the same line, e.g. a filter like " a; and b" results in a denial message from the WAF. As said, it's setup by Headquarter so I could not discuss that.
Now I have the problem that even a filter like "a and b" would not work. It's still denied for security reasons. I've checked the post and saw that "__EVENTARGUMENT
" contained "FireCommand:ctl00$MainContent$MyGrid$ctl00;Filter;Subject|a and b|Contains". So here we have again semicolon and "and". Probably that's the reason for the denial.Is there any way to get the semi-colons removed or replaced in the __EVENTARGUMENT?
Thanks!
1 Answer, 1 is accepted
0
Hi Kai,
The semicolons and "and" are keywords and specific to the RadGrid filtering design. Unfortunately if you replace the __EVENTARGUMENT string the RadGrid will not be able to correctly filter the data on the server because it expects string that contains semicolon which uses to separate the different arguments. There is no available workaround for the experienced issue.
Regards,
Antonio Stoilkov
the Telerik team
The semicolons and "and" are keywords and specific to the RadGrid filtering design. Unfortunately if you replace the __EVENTARGUMENT string the RadGrid will not be able to correctly filter the data on the server because it expects string that contains semicolon which uses to separate the different arguments. There is no available workaround for the experienced issue.
Regards,
Antonio Stoilkov
the Telerik team
If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now.