WebResource.axd request causing errors

[PJ]

I'm getting an error in the event viewer as well as a script error in the
browser when a page references WebResource.axd. The application is running
on W2k3 server and does not occurr on my local xp development machine.

Has anyone encountered this?

Event Type: Warning
Event Source: ASP.NET 2.0.50727.0
Event Category: Web Event
Event ID: 1309
Date: 1/5/2006
Time: 11:00:17 PM
User: N/A
Computer: 216-55-185-220
Description:
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 1/5/2006 11:00:17 PM
Event time (UTC): 1/6/2006 7:00:17 AM
Event ID: 9154807ea7364b0ba0db45c2a4f2eb90
Event sequence: 43
Event occurrence: 6
Event detail code: 0

Exception information:
Exception type: CryptographicException
Exception message: Padding is invalid and cannot be removed.

Thread information:
Thread ID: 1
Thread account name: 216-55-185-220\MyStreakASP
Is impersonating: False
Stack trace: at
System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer,
Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
at
System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount)
at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
at
System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean
fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean
useValidationSymAlgo)
at System.Web.UI.Page.DecryptString(String s)
at
System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext
context)
at
System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
completedSynchronously)

 

[eric.olstad]

I'm dealing with the same problem right now. I'm pulling my hair out.
Any luck finding a solution?

 

[Sam Norris]

Me too ... any update?

Thanks

 

[eric.olstad]

Nothing here... still haven't corrected the issue.

 

[Sam Norris]

My issue was that I had an http module that performed an SSL redirect
based on page name and webresource.axd was not being requested from the
same url or something ... anyhow, I am going to have to cross this
bridge again since SSL vs non-SSL redirects is common between pages on
the site.

 

[eric.olstad]

Microsoft considers this problem resolved, yet I've seen multiple
instances of it occuring with other people on non-webfarm sites:

http://lab.msdn.microsoft.com/Produ...edbackid=17c64976-ee21-4055-9de4-992d9c59e589

Tis quite annoying. Currently I've modified my web.config so that I
can actually develop and test my site without this problem killing my
sessions. But my site probably has some security hole that I'm not
going to tackle just yet.

 

[eric.olstad]

I've finally found a solution, and it is beautiful, but also completely
frustrating at the same time. Long story short, it's the machineKey
element in the web.config.

Go here, to generate a validation key.
http://www.eggheadcafe.com/articles/GenerateMachineKey/GenerateMachineKey.aspx

By setting this value, you define a validation key that will match the
cookie and no more CryptographicException. It worked beautifully for
me. The frustrating part is that no one could tell us this simple
solution.