Home/ Questions/Q 6008409
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T01:49:11+00:00

I’m a little confused. I haven’t explicitly set the Web.config <pages ViewStateEncryptionMode=Always /> ,

  • 0

I’m a little confused. I haven’t explicitly set the Web.config <pages ViewStateEncryptionMode="Always" />, and so this MSDN page says that it should default to Auto. This MSDN page says that Auto should cause the viewstate information to be encrypted if a control requests encryption by calling the RegisterRequiresViewStateEncryption method. But, none of my controls call that method. So it looks like my viewstate should, in fact, not be encrypted.

However, when I copy/paste the viewstate into one of the various online viewstate decoders, I’m told that the viewstate serialized data is invalid. So, is my viewstate encrypted or not? Is there some obvious way to tell? Has the default ASP.net behaviour changed to encode the viewstate by defualt unless you disable it?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If its set to Always or auto, all control state would be encrypted.All controls calling RegisterRequiresViewStateEncryption view state would be encrypted ir-respective of Auto/Always. If your ‘custom control’ needs encryption call this.

    See this on MSDN

    If you are developing a custom control that deals with potentially sensitive information, call the RegisterRequiresViewStateEncryption method to register the control with the page and ensure view state for the control is encrypted.

    The entire page state will be
    encrypted if the
    ViewStateEncryptionMode is set to Auto
    or Always.

    • 0