Have you ever seen the following message?
System.Exception: Microsoft.SharePoint.SPException: The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again. —> System.Runtime.InteropServices.COMException (0×8102006D): The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again.
Some programmers say immediately “You have to set AllowUnsafeUpdates on the Web to true and the error will be gone.” Some programmers will add: “And don’t forget to set it back to false when you’re done”.
However this brings some issues:
- This will enable SharePoint to modify the data even during POST request types. So it can happen, that e.g the search server, will modify the your SPListItems, while crawling.
- Additionaly sometimes the AllowUnsafeUpdates is automatically set back to false, e.g. when calling a Parent web.
So how to deal with it?
If you want to enable the modifications only in GET request types (e.g. in OnClick handler), then use SPUtility.ValidateFromDigest(), before you want to modify the data in SharePoint. This will automatically set AllowUnsafeUpdates to true if the request type is GET.
For more info see following cool posts:
What You Need To Know About AllowUnsafeUpdates
What You Need To Know About AllowUnsafeUpdates part 2