Developer forum

Forum » Development » RE: Ajax call no longer works

RE: Ajax call no longer works

E-mail notifications
Marco Santos
Reply
Posted on 26/11/2013 19:06:50

Hello.

 

We have some AJAX calls that have stoppped working because of DW injection checks and I was wondering 1) what parts of it are the problem and 2) if there is a way to get around it without changing the parameters.

 

The call is, for example, "http://ebk2_dw8.local.dynamicweb.pt/public/EBKajaxCalls.ashx?str_resultId=2068&obj_mealplan[0][str_mealPlan]=3&obj_tariff[0][num_tariffId]=1&obj_schedule[0][num_scheduleIndex]=" (on my local machine). If I don´t disable injection checks I get a 404 message. If I disable the injection checks I get this:

 

System.Net.Mail.SmtpException: Failure sending mail. ---> System.Net.WebException: The remote name could not be resolved: 'smtp.dynamicsystems.dk' at System.Net.ServicePoint.GetConnection(PooledStream PooledStream, Object owner, Boolean async, IPAddress& address, Socket& abortSocket, Socket& abortSocket6, Int32 timeout) at System.Net.PooledStream.Activate(Object owningObject, Boolean async, Int32 timeout, GeneralAsyncDelegate asyncCallback) at System.Net.PooledStream.Activate(Object owningObject, GeneralAsyncDelegate asyncCallback) at System.Net.ConnectionPool.GetConnection(Object owningObject, GeneralAsyncDelegate asyncCallback, Int32 creationTimeout) at System.Net.Mail.SmtpConnection.GetConnection(ServicePoint servicePoint) at System.Net.Mail.SmtpClient.Send(MailMessage message) --- End of inner exception stack trace --- at System.Net.Mail.SmtpClient.Send(MailMessage message) at Dynamicweb.Database.SqlInjectionSendMail(String illegalFound)
System.Net.Mail.SmtpException: Failure sending mail. ---> System.Net.WebException: The remote name could not be resolved: 'smtp.dynamicsystems.dk' at System.Net.ServicePoint.GetConnection(PooledStream PooledStream, Object owner, Boolean async, IPAddress& address, Socket& abortSocket, Socket& abortSocket6, Int32 timeout) at System.Net.PooledStream.Activate(Object owningObject, Boolean async, Int32 timeout, GeneralAsyncDelegate asyncCallback) at System.Net.PooledStream.Activate(Object owningObject, GeneralAsyncDelegate asyncCallback) at System.Net.ConnectionPool.GetConnection(Object owningObject, GeneralAsyncDelegate asyncCallback, Int32 creationTimeout) at System.Net.Mail.SmtpConnection.GetConnection(ServicePoint servicePoint) at System.Net.Mail.SmtpClient.Send(MailMessage message) --- End of inner exception stack trace --- at System.Net.Mail.SmtpClient.Send(MailMessage message) at Dynamicweb.Database.SqlInjectionSendMail(String illegalFound)
System.Net.Mail.SmtpException: Failure sending mail. ---> System.Net.WebException: The remote name could not be resolved: 'smtp.dynamicsystems.dk' at System.Net.ServicePoint.GetConnection(PooledStream PooledStream, Object owner, Boolean async, IPAddress& address, Socket& abortSocket, Socket& abortSocket6, Int32 timeout) at System.Net.PooledStream.Activate(Object owningObject, Boolean async, Int32 timeout, GeneralAsyncDelegate asyncCallback) at System.Net.PooledStream.Activate(Object owningObject, GeneralAsyncDelegate asyncCallback) at System.Net.ConnectionPool.GetConnection(Object owningObject, GeneralAsyncDelegate asyncCallback, Int32 creationTimeout) at System.Net.Mail.SmtpConnection.GetConnection(ServicePoint servicePoint) at System.Net.Mail.SmtpClient.Send(MailMessage message) --- End of inner exception stack trace --- at System.Net.Mail.SmtpClient.Send(MailMessage message) at Dynamicweb.Database.SqlInjectionSendMail(String illegalFound)
{"FullPrice":170.00,"UnitPrice":150.00,"FullPricePerDay":170.00,"FullPricePerPerson":85.00,"FullPricePerPersonPerDay":85.00,"fullPricePerPersonType":[{"Id":3,"Price":75.00}],"fullPricePerPersonTypePerDay":[{"Id":3,"Price":75.00}],"UnitPricePerDay":150.00,"PriceWithExtras":290.00,"PriceWithExtrasPerDay":290.00,"PriceWithExtrasPerPerson":145.00,"PriceWithExtrasPerPersonPerDay":145.00,"PriceWithExtrasPerPersonType":[{"Id":3,"Price":135.00}],"PriceWithExtrasPerPersonTypePerDay":[{"Id":3,"Price":135.00}],"AvailableExtras":[{"Id":2,"Name":"Acesso ao ginásio","Price":"5,00","PricePerDay":"5,00"},{"Id":1,"Name":"Berço extra","Price":"10,00","PricePerDay":"10,00"}]}

 

Any ideas on how to get it working again?

 

Thanks.

 

Marco


Replies

 
Martin Nielsen
Posted on 27/11/2013 08:06:59
Reply

Hi Marco,

 

The last error you get, could be caused by your SMTP server in GlobalSettings.aspx.

You can't use smtp.dynamicsystems.dk from your local machine.

 

Try changing it to a SMTP server that is accessible from you location.

 

 

// Martin

 
Nicolai Høeg Pedersen
Posted on 29/11/2013 14:17:48
Reply
This post has been marked as an answer

Hi Marco

 

You can change it to a post instead of a get. The injection thingie does not like the [0] syntax of your querystring.

 

BUT, we have changed this a Little for the NeXT hotfix where [] testing is loosened up Again - it is a Little too rigid. Just tested your querystring against it, and it will not be caught after that update.

 

The SMTP error is what Martin suggests. The error comes from the security engine that tries to email an error report.

 

BR Nicolai

Votes for this answer: 1
 
Marco Santos
Posted on 02/12/2013 15:24:13
Reply

Thanks for the info and the hotfix.:)

 

You must be logged in to post in the forum