Thursday, June 25, 2015

Offline, can not save EPiServer 7.x

We recently started getting an odd error message whenever we edited a page. EPiServers auto save functionality was throwing an error in the console




POST http://mysite.local/episerver/cms/Stores/contentdata/ 500 (Internal Server Error)”.

We searched the internets for some clues about what could be wrong. Many posts hinted about page properties beeing missmatched with the settings in the database





Further digging into the logs we found this

Here’s the stack trace:
[InvalidOperationException: This request has probably been tampered with. Close the browser and try again.]
   EPiServer.Framework.Web.AspNetAntiForgery.ThrowForgeryException() +374
   EPiServer.Shell.Services.Rest.RestHttpHandler.ProcessRequest(HttpContextBase httpContext) +109
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +913

   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +165

and

ERROR - 1.2.5 Unhandled exception in ASP.NET
System.InvalidOperationException: This request has probably been tampered with. Close the browser and try again.
   at EPiServer.Framework.Web.AspNetAntiForgery.ThrowForgeryException()
   at EPiServer.Shell.Services.Rest.RestHttpHandler.ProcessRequest(HttpContextBase httpContext)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

ERROR - Cross-site request forgery detected [Client IP: XX.XX.XX.XX, Referer: http://mysite.local/episerver/CMS/#context=epi.cms.contentdata:///317, Url: http://mysite.local/episerver/cms/Stores/contentversion/, User: UserName]

although, the error that led us to the solution was this little fella

"the required anti-forgery cookie __requestverificationtoken is not present"

It turns out that we had marked the cookies as secure (as we all should) with the configuration setting
<system.web><httpCookies requireSSL="true" /></system.web>


But we were accessing the site with http. So the real underlying error was that last one, “the required anti-forgery cookie __requestverificationtoken is not present”. The site was requesting secure anti-forgery cookies but was getting standard unsecure cookies, thus the tampering exception

The solution, query the site with https or change the setting to requireSSL=”false”

Monday, June 1, 2015

EPiServer Digital Experience Cloud nyheterna

EPiServer Digital Experience Cloud DXC avtäcktes i slutet i förra veckan. Den nya paketeringen av EPiServer CMS, kundupplevelsehantering, digital marknadsföring och e-handel är riktad mot den nya tidens sälj- och marknadsinriktade organisationer som senaste året lärt sig utnyttja molnet för fördelar som enkel upprättning, flexibel skalbarhet och agil hantering av nya behov hos sina kunder.

Plattformen som tjänst erbjuds numera i pakteringar riktade sig mot de fyra målgrupperna:

  • Professional
  • Group
  • Corporate och 
  • Enterprise

Integrationsmotorn Digital Experience Hub (DXH) ingår numera i produkten och kopplar an till system som Marketo, Salesforce Marketing Cloud (ExactTarget), Microsoft Dynamics CRM, Google Universal Analytics, Hubspot och Salesforce Sales Cloud (Pardot).

Dessutom finns omfattande förbättringar inom Content Staging samt Content collaboration för effektivare samarbete kontor världen över.

Hör gärna av er om ni är intresserade av att veta mer om den nya plattformen.