Error Editing Wiki Page – You must specify a value for this required field

We were having the following error editing Wiki pages:

“You must specify a value for this required field”

Actually it is a custom master page issue not hiding correctly some content place holders. We were able to solve it following the directions from this article from Travis Mathison:

“You must specify a value for this required field” error when hidding PlaceHolderPageTitleInTitleArea

See you,

Amadeu.

Advertisements

SharePoint 2010: The security validation for this page is invalid

Deploying a new subsite into a SharePoint 2010 site collection, using a custom master page we started seeing the following error message when trying to add users to groups and changing settings of document libraries/lists:

The security validation for this page is invalid.

 

Reverting the master page back to the default one, the operations worked just fine. So it seemed the master page was missing something. Searching on Google about it I found 3 interesting articles about this subject:

http://www.simple-talk.com/community/blogs/charleslee/archive/2010/01/05/85440.aspx

http://snahta.blogspot.com/2008/11/security-validation-for-this-page-is.html

http://techtrainingnotes.blogspot.com/2009/12/sharepoint-security-validation-for-this.html

 

Basically, they explain this error is caused by a lack of validation on pages which change the content database. It can be solved in 2 ways:

-Adding the AllowUnsafeUpdates to your custom code.

SPWeb web = SPContext.Current.Web;
web.AllowUnsafeUpdates = true;

-Adding the FormDigest Sharepoint control to your master page.

From the MSDN article:

“To make posts from a Web application that modify the contents of the database, you must include the FormDigest control in the form making the post. The FormDigest control generates a security validation, or message digest, to help prevent the type of attack whereby a user is tricked into posting data to the server without knowing it. The security validation is specific to a user, site, and time period and expires after a configurable amount of time. When the user requests a page, the server returns the page with security validation inserted. When the user then submits the form, the server verifies that the security validation has not changed.”

 

The second solution solved our issues and the pages worked fine!!!

 

See you,

Amadeu.