Setting the Text property of BulletedList is not supported.

Jul 16, 2010 at 3:16 PM
Edited Jul 16, 2010 at 3:19 PM

I have following exception and can't google solution anywhere. I use 3.1 vesrion of the library and default antixssmodule.config file with the following lines being commented

<!--<ControlEncodingContext FullClassName="System.Web.UI.HtmlControls.HtmlTableCell" PropertyName="InnerHtml" EncodingContext="SafeHtml" />  

 <ControlEncodingContext FullClassName="System.Web.UI.HtmlControls.HtmlTableRow" PropertyName="InnerHtml" EncodingContext="SafeHtml" />  

 <ControlEncodingContext FullClassName="System.Web.UI.HtmlControls.HtmlTextArea" PropertyName="InnerHtml" EncodingContext="SafeHtml" />  

 <ControlEncodingContext FullClassName="System.Web.UI.HtmlControls.HtmlAnchor" PropertyName="InnerHtml" EncodingContext="SafeHtml" />  

 <ControlEncodingContext FullClassName="System.Web.UI.HtmlControls.HtmlButton" PropertyName="InnerHtml" EncodingContext="SafeHtml" />    

<ControlEncodingContext FullClassName="System.Web.UI.HtmlControls.HtmlGenericControl" PropertyName="InnerHtml" EncodingContext="SafeHtml" />-->

 

Setting the Text property of BulletedList is not supported.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.NotSupportedException: Setting the Text property of BulletedList is not supported.

Source Error:

 

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.


Stack Trace:

[NotSupportedException: Setting the Text property of BulletedList is not supported.]
   System.Web.UI.WebControls.BulletedList.set_Text(String value) +57

[TargetInvocationException: Exception has been thrown by the target of an invocation.]
   System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner) +0
   System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments, Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner) +71
   System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks) +261
   System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) +29
   System.Reflection.RuntimePropertyInfo.SetValue(Object obj, Object value, BindingFlags invokeAttr, Binder binder, Object[] index, CultureInfo culture) +92
   System.Reflection.RuntimePropertyInfo.SetValue(Object obj, Object value, Object[] index) +25
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.EncodeControl(Control control, String type) +405
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc) +338
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc) +191
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc) +191
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc) +191
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc) +191
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc) +191
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc) +191
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc) +191
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc) +191
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc) +191
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc) +191
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.EncodePage(Page p) +85
   Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.page_PreRender(Object sender, EventArgs e) +74
   System.EventHandler.Invoke(Object sender, EventArgs e) +0
   System.Web.UI.Control.OnPreRender(EventArgs e) +8684342
   System.Web.UI.Control.PreRenderRecursiveInternal() +80
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +842

 

Coordinator
Jul 16, 2010 at 3:29 PM

Weird - that shouldn't be happening as it's not part of the configuration.

For now I'd suggest excluding that control in code using the exclusion attribute. I'll take a look over the next week to see if it still happens in the rewritten version, and correct it there, but the fix probably won't be back ported I'm afraid.RT610N