Gemini Community Support Site

This Gemini community support site can be used to find solutions to product issues. You can log in using Open Id, Google Profile and even Facebook. Feel free to ask a question or browse FAQs and documentation. Product tour videos are also available along with how-to videos demonstrating key Gemini capabilities.




Input Validation Errors

web-app

When I try to create a bug in Gemini with angle brackets in the Title, I get the following error when I click "Create":

Gemini Application Error

<p><font color="#0000ff">An application error has occured - please advise the Gemini administrator within your organization.</font></p><p>And the System Log has the following exception:</p><p><font color="#0000ff">A potentially dangerous Request.Form value was detected from the client

(ctl00$Main$IssueUC1$rtcDescription$txtTextBox="...j skja ta ."). at System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName) at System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName) at System.Web.HttpRequest.getForm() at System.Web.HttpRequest.getHasForm() at System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull) at System.Web.UI.Page.DeterminePostBackMode() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.issueissueaspx.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

This also occurs with the Description field if we use the plain-text editor. If we use the rich text editor, the bug will be created successfully. But there is no option to use rich text in the Title field, and we prefer the plain text editor for the description as well.

Unfortunately, it is a common use case for us to have angle brackets < and > in our bugs.

Is there any way to work around this problem currently, or do I need to file a bug report about it?

The worst part is that the user is not warned before the error occurs, and the new bug they entered is completely lost.
MarcT
· 1 		MarcT
Wednesday, December 15, 2010, 12:55:30 AM
Replies (1)
helpful
0
not helpful
ANSWER

This is a bug that is fixed as part of 4.0: http://gemini.countersoft.com/Default.aspx?p=2&i=948
Mark Wing
· 9108 		Mark Wing
Wednesday, December 15, 2010, 2:17:10 PM