This is a migrated thread and some comments may be shown as answers.

Invalid sort param throws exception

4 Answers 21 Views
Grid
This is a migrated thread and some comments may be shown as answers.
Bob
Top achievements
Rank 1
Bob asked on 29 Oct 2018, 01:02 PM

We have a simple kendo MVC grid works fine.  However, if a bot/scan adds some normally invalid parameters to the querystring, the page throws an exception.

You can see that in action with the Telerik demo page:

This works

https://demos.telerik.com/aspnet-mvc/grid

This throws an exception.  If you examine the console, you'll see a 500 error

https://demos.telerik.com/aspnet-mvc/grid?grid-sort=testsort

"testsort" is not a valid column, thus an exception occurs.

The above example isn't *exactly* what's happening with our grid since our grid is bound to a server side Model rather than an ajax source, but the concept is the same.  In our page, the Kendo grid throws the error (rather than the ajax source) and the error is

Invalid property or field - '[invalid sort parameter passed in]' for type: [our model]

What is the best way to handle this since the Telerik Grid doesn't handle it automatically?  I hate to wrap every grid in a try/catch just because the telerik control doesn't handle an invalid sort param, but I can certainly do that if that's the only option.

4 Answers, 1 is accepted

Sort by
0
Angel Petrov
Telerik team
answered on 31 Oct 2018, 12:24 PM
Hello,

We are currently investigating the matter. We will post our findings as soon as possible.

Regards,
Angel Petrov
Progress Telerik
Get quickly onboarded and successful with your Telerik and/or Kendo UI products with the Virtual Classroom free technical training, available to all active customers. Learn More.
0
Angel Petrov
Telerik team
answered on 02 Nov 2018, 09:31 AM
Hello,

The described behavior is caused by the fact that invalid fields are interpreted as null. However we can not ensure that valid url parameters will be always passed. Every user can modify the URL thus resulting in such a result. Moreover it is not clear how invalid URLs should be handled. That said I suggest using try/catch blocks to handle the problematic cases.

Regards,
Angel Petrov
Progress Telerik
Get quickly onboarded and successful with your Telerik and/or Kendo UI products with the Virtual Classroom free technical training, available to all active customers. Learn More.
0
Bob
Top achievements
Rank 1
answered on 02 Nov 2018, 11:09 AM

Since a user can *always* modify the URL, seems to me that it's Telerik's duty to validate the fields they are looking at to make sure they're actually valid and handle them gracefully (maybe ignore them?)

That's a pretty common scenario in web development.  Developers have to validate query string params *all the time*.  While a workaround is to wrap the grid in a try/catch, seems like a lousy workaround long term.

0
Angel Petrov
Telerik team
answered on 05 Nov 2018, 12:06 PM
Hi,

Indeed using a try/catch block is not optimal. However if you have sort, filter and etc parameters and you want to ignore some of them which ones should be ignored. Only the invalid sort? I strongly suggest logging feature request and explaining in detail on what the desired behavior should be. If the item gets votes and opinions it will surely be scheduled for implementation.

Regards,
Angel Petrov
Progress Telerik
Get quickly onboarded and successful with your Telerik and/or Kendo UI products with the Virtual Classroom free technical training, available to all active customers. Learn More.
Tags
Grid
Asked by
Bob
Top achievements
Rank 1
Answers by
Angel Petrov
Telerik team
Bob
Top achievements
Rank 1
Share this question
or