My customer had a viewstate MAC validation problem. As a workaround, he wanted to disable the viewstate MAC validation before find out the final solution. However, he was still seeing the problems after added follow settings in the configuration files.
<pages validateRequest="false" enableEventValidation="false" enableViewStateMac="false" viewStateEncryptionMode="Never">
Customer’s application is a pre-compiled ASP.Net application with updatable option disabled. Looking at the code generated by compiler with above settings, we found these settings are hard coded. So, this means simply add the above setting into web.config doesn’t affect a pre-compiled application. To make this taking affect, the application has to be re-compiled.
private void __BuildControlTree(default_aspx __ctrl)
__ctrl.EnableViewStateMac = false;
__ctrl.EnableEventValidation = false;
__ctrl.ViewStateEncryptionMode = ViewStateEncryptionMode.Never;
This is a by-design behavior.
ASP.NET Precompilation Overview
See you next time,