This is a follow-up to my post back in August: Asks for AD credentials / "Connection Interrupted" on Postback
The issue popped up again for a new record and I have determined that the offending text is “… Sharepoint site[semi-colon] update team schedule …”. Notice that “[semi-colon] update team”? It’s perfectly valid, not SQL injection. Change it to a comma, it submits no problem. Change the “update” to another SQL keyword, the user gets prompted for their credentials (which are always rejected) and then displays the IIS 401.1 page.
Yes, you need to replace the [semi-colon] with the character, because SO won’t let me post.
In the @Page, I have ValidateRequest="false" (yes, the contents from the textboxes are going through HttpUtility.HtmlEncode as parameterized input to a stored procedure).
Any ideas?
This sounds like a load balancer or similar that is seeing “;update” and suspecting SQL injection. Look for a piece of offending hardware between you and the web server.

To confirm, try posting the offending text from a session directly on the web server itself. I am guessing that you will have no problem doing so.
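The behaviour described in the question and answer above, as an added example that is not part of either post: a keyword signature of the kind a filtering intermediary might apply flags the semicolon variant but not the comma variant, while the same text passed as a bound parameter is simply stored as data. The regex, the sample strings and the SQLite table are assumptions made for illustration; SQLite stands in for the stored procedure mentioned in the question.

```python
import re
import sqlite3

# Hypothetical signature: a statement separator followed by a SQL keyword.
# Illustrative only; not taken from any real product's rule set.
NAIVE_SQLI = re.compile(r";\s*(update|insert|delete|drop|select|exec)\b", re.I)

# Constructed sample form values, modelled on the text in the question.
SAMPLES = {
    "semicolon": "Post to Sharepoint site; update team schedule",
    "comma": "Post to Sharepoint site, update team schedule",
    "other_keyword": "Post to Sharepoint site; delete team schedule",
}


def flagged(value):
    """Return True if the naive signature would block this form value."""
    return NAIVE_SQLI.search(value) is not None


def store_parameterized(value):
    """Insert value through a bound parameter; return (stored text, row count)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (body TEXT)")
    # The value is bound, never concatenated into the SQL text.
    db.execute("INSERT INTO notes (body) VALUES (?)", (value,))
    stored = db.execute("SELECT body FROM notes").fetchone()[0]
    count = db.execute("SELECT COUNT(*) FROM notes").fetchone()[0]
    db.close()
    return stored, count


def report():
    """Return (sample name, blocked by signature, stored intact) per sample."""
    rows = []
    for name, text in SAMPLES.items():
        stored, count = store_parameterized(text)
        rows.append((name, flagged(text), stored == text and count == 1))
    return rows


if __name__ == "__main__":
    for name, blocked, intact in report():
        print(f"{name:14} blocked_by_signature={blocked} stored_as_data={intact}")
```
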