Vulnerability in EPiServer.Forms
I've tried this:
But something goes wrong for me ...
I get an error message stating something like: "Invalid name format for storeName. Only characters a-z, 0-9, '.', and '_' are allowed for security reasons. " ... and so on ...
But when I just add a string to the PageData.PageObjects, like:pd.PageObjects["MyKey"] = "my string";
... it seems to work as it should ?
( my class is implements : EPiServer.Data.Dynamic.IDynamicData )
What is the fullname (namespace + class name) of the type your are trying to save. This is used to generate the store name.
Yes, my problem was that I was lazy and just declared this class as a public class in a no-code-behind page (a class in a class)
A response write of an instance on a Person (ToString) object gives me
ASP.templates_public_pages_ratestpage1_aspx+PersonContains a '+', witch is forbidden, regarding to the error message ;-)
Now it works as it should
BR / Richard
I get this when I try to save a PropertyBag using PageObjectManager. Is that not allowed? The exception message is:
Invalid name format for storeName. Only characters a-z, 0-9, '.', and '_' are allowed for security reasons. Name:storeName, value PageObject.CommentStatus.f794edf7-fa14-463f-881c-02839545180f.