I just read Hacking Exposed Web edition and it said you can pass sql injections through a query string. I tried passing html code as well and I get an unhandled exception. Here is what I got: Exception Details: System.Web.HttpRequestValidationException: A potentially
dangerous Request.QueryString value was detected from the client (h=""). An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception
stack trace below. I have a Try Catch ex As Exception End Try block but apparently the unhandled is not considered a normal exception. Any Ideas?
If you just catch the General Exception which you are trying to do, then you should be able to catch any error that is thrown. I suggest you check your code.
Seeing that the Try/Catch ex as Exception is in place, I suggest stepping through it to ensure that the exception is in fact occuring in your try/catch block. Most likely, the exception is being thrown outside, and you're just not aware of it.
To catch all errors you need to use the Page_Error handler. It catches and handles any error that occurs in a page and is executed whenever an unhandled exception occurs. You must include Server.ClearError() otherwise the default error generated by the ASP.NET
framework would be displayed. Private Sub Page_Error(ByVal sender As Object, ByVal e As System.EventArgs) Handles MyBase.Error Response.write(Server.GetLastError.Message) Server.ClearError() End Sub
aspnoob18
Member
259 Points
77 Posts
Catch ex As Exception not working
Dec 09, 2003 02:37 PM|LINK
CraziJ
Member
355 Points
69 Posts
Re: Catch ex As Exception not working
Jan 02, 2004 11:39 PM|LINK
Sr. Programmer
KraGiE
Star
14567 Points
2926 Posts
Re: Catch ex As Exception not working
Jan 03, 2004 12:06 AM|LINK
aspnoob18
Member
259 Points
77 Posts
Re: Catch ex As Exception not working
Feb 06, 2004 01:19 PM|LINK