Thursday, June 19, 2014

Allow unsafe updates and Form digest

When you SharePoint application throws this error
Microsoft.SharePoint.SPException: The security validation for this page is invalid.

You need to ensure to use the "AllowUnsafeUpdates" property of SPWeb class has been set to true where ever you are trying to update the SharePoint items.
After you update revert back to true in your code.

Because SharePoint restricts the cross-site script injection when you are trying to update or change over the HTTP Requests.

FormDigest  is the counterpart to AllowUnsafeUpdates in Server object model in Client side object model.
All SharePoint Forms uses the "FormDigest" value by default.Just open any of the edit form in SharePoint in the browser and see the "View Source code" of the page.
You can see the "FormDigest" value.