views:

1112

answers:

3

I've just updated to .NET 3.5 SP1 and my once working ASP.NET MVC page has now stopped working.

When trying to load a page I get the following YSOD

[CryptographicException: Padding is invalid and cannot be removed.]
   System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast) +7596702
   System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) +208
   System.Security.Cryptography.CryptoStream.FlushFinalBlock() +33
   System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo) +225
   System.Web.UI.ObjectStateFormatter.Deserialize(String inputString) +195

[ViewStateException: Invalid viewstate. 
    Client IP: 127.0.0.1
    Port: 
    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6 (.NET CLR 3.5.30729)
    ViewState: hC6BC8KsuD/yoy2iG74bUZ8TYhGfuDDeIjh9fg/L18yr/E+1Nk/pjS5gyn9O+2jY
    Referer: http://localhost:1092/admin/product
    Path: /admin.aspx/product/edit/4193]

[HttpException (0x80004005): Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.]
   System.Web.UI.ViewStateException.ThrowError(Exception inner, String persistedState, String errorPageMessage, Boolean macValidationError) +106
   System.Web.UI.ViewStateException.ThrowMacValidationError(Exception inner, String persistedState) +14
   System.Web.UI.ObjectStateFormatter.Deserialize(String inputString) +242
   System.Web.UI.ObjectStateFormatter.System.Web.UI.IStateFormatter.Deserialize(String serializedState) +4
   System.Web.Mvc.AntiForgeryTokenSerializer.Deserialize(String serializedToken) +73

If I remove the line

<%= Html.AntiForgeryToken() %>

Everything works again, any ideas what might be causing this? I would have expected more luck in finding a solution if this was an MVC or .NET issue so I'm guess it is something to do with my configuration.

I've tried reinstalling the MVC framework to see if it was because I installed before SP1 but I still get the same issue. Google and SO search hasn't resulted in any firm conclusions.

+8  A: 

Doh, just solved it.

Cleared my browser cache and cookies and everything works fine again.

Remmus
Thanks! This really helped me, was going nuts.
jesperlind
Saved me 2 hours of research. Thanks
Felipe Lima
Likewise. Why does this fix the issue? And why was there an issue in the first place?
Qua
Omg, after all thing I tried, bunch of machine keys generated, all i have to do is clear cookies! Thanks so much!
Hrvoje
A: 

The same thing just happened to me. Did you ever figure out why you had to clear out your browser cache/cookies to resolve this?

Kevin Pang
Didn't really look into it, but it seems as though it stores the validation token in a cookie. Presumably the way they create them changed slightly or after the upgrade the previous cookie was no longer valid.
Remmus
+1  A: 

Looks like this problem has been solved now. Take a look at http://forums.asp.net/p/1388671/2960554.aspx

David Archer