"Cannot get inner content of because the contents are not literal."

Sep 22, 2009 at 8:04 AM
Edited Sep 22, 2009 at 8:12 AM
Can you please explain why this error occurs if one uses the AntiXSS module and how to avoiud it?
Thank you very much.
TargetInvocationException: Exception has been thrown by the target of an invocation. --->System.Web.HttpException: Cannot get inner content of because the contents are not literal.
at System.Web.UI.HtmlControls.HtmlContainerControl.get_InnerHtml()
--- End of inner exception stack trace ---
at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments, Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.Reflection.RuntimePropertyInfo.GetValue(Object obj, BindingFlags invokeAttr, Binder binder, Object[] index, CultureInfo culture)
at System.Reflection.RuntimePropertyInfo.GetValue(Object obj, Object[] index)
at Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.EncodeControl(Control control, String type)
at Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc)
at Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.FindAndEncodeControls(Page p, ControlCollection cc)
at Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.EncodePage(Page p)
at Microsoft.Security.Application.SecurityRuntimeEngine.PageProtection.XssProtection.page_PreRender(Object sender, EventArgs e)
at System.EventHandler.Invoke(Object sender, EventArgs e)
at System.Web.UI.Control.OnPreRender(EventArgs e)
at System.Web.UI.Control.PreRenderRecursiveInternal()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) 
Coordinator
Sep 22, 2009 at 3:52 PM

Hi,

Please remove the following entries at the end of antixssmodule.config file.

<ControlEncodingContext FullClassName="System.Web.UI.HtmlControls.HtmlTableCell" PropertyName="InnerHtml" EncodingContext="SafeHtml" />
    <ControlEncodingContext FullClassName="System.Web.UI.HtmlControls.HtmlTableRow" PropertyName="InnerHtml" EncodingContext="SafeHtml" />
    <ControlEncodingContext FullClassName="System.Web.UI.HtmlControls.HtmlTextArea" PropertyName="InnerHtml" EncodingContext="SafeHtml" />
    <ControlEncodingContext FullClassName="System.Web.UI.HtmlControls.HtmlAnchor" PropertyName="InnerHtml" EncodingContext="SafeHtml" />
    <ControlEncodingContext FullClassName="System.Web.UI.HtmlControls.HtmlButton" PropertyName="InnerHtml" EncodingContext="SafeHtml" />
    <ControlEncodingContext FullClassName="System.Web.UI.HtmlControls.HtmlGenericControl" PropertyName="InnerHtml" EncodingContext="SafeHtml" />

Thanks
Anil

Sep 23, 2009 at 8:28 AM

Thank you very much, Anil. The error no more occurs.

Jan 27, 2010 at 3:38 PM

The same error message occurs when the head tag is declared with runat="server".

Al

Mar 11, 2010 at 10:42 PM

I bumped into the same issue... removing the config entries cleared this up.