The event validation mechanism reduces the risk of unauthorized postback requests and callbacks. When the EnableEventValidation property is set to true, ASP.NET allows only the events that can be raised by the control during a postback request or callback.
Note: |
|---|
This event validation mechanism reduces the risk of unauthorized postback requests and callbacks. With this model, a control registers its events during rendering and then validates the events during the post-back or callback handling. All event-driven controls in ASP.NET use this feature by default. |
It is strongly recommended that you do not disable event validation. If you do disable event validation, make sure that no postback could be constructed that could have an unintended effect on your application.
In most circumstances, you set the EnableEventValidation property by setting the enabledEventValidation attribute of the @ Page directive or the enableEventValidation attribute of the pages element in the Web.config file. If you set the EnableEventValidation property in code, set it in the Page_Init phase of page processing.