Blank White Page After Loading

After applying a Microsoft Security Patch users accessing pages receive a blank white page upon page load.

Stack Traces will reveal the following errors:

Type:
System.Web.HttpException
Message: Bad request. Operation is not valid due to the current state of the object.
StackTrace: at Blackbaud.Web.Content.Core.PortalSettings..ctor() at Blackbaud.Web.Content.Core.PortalSettings.Current() at Blackbaud.Web.Content.Core.CMSRedirect.CMSRedirectList.get_CMSRedirectDatalist() at Blackbaud.Web.Content.Core.CMSRedirect.CMSRedirectList.GetRedirectForRequest(String requestUrl) at Blackbaud.Web.Content.Portal.AuthenticationModule.PreformCMSRedirects() at Blackbaud.Web.Content.Portal.AuthenticationModule.BeginRequest(Object sender, EventArgs e) at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
CreateDate: 2012-05-04 13:09:09.780


Cause:

 Microsoft Patch: MS11-100:

Security Update for the .NET Framework 4 released December 29, 2011

 
Overview:

This bulletin fixes the DOS attack vector by providing a limit to the number of variables that can be submitted for a single HTTP POST request.  The default limit is 500 which should be enough for normal web applications, but still low enough to neutralize the attack.  This addresses the most obvious attack method immediately and leaves the reimplementation of the hash function for a future update.  Overall the bulletin addresses four issues: one critical, two important (one of them the DOS issue).


Resolution: 

Rollback the Microsoft security update or

Add the following setting key to the web-config files to overcome this limitation.  Note: this is an example to increase it to 2000.

<appSettings>
    <add key="aspnet:MaxHttpCollectionKeys" value="2000" />
 </appSettings>

Environment

 6.45.1346, patch 0

Was this article helpful?