Invalid viewstate error in asp net page


ASP.NET is a popular programming language used for developing web . However, like any other programming language, it is not its challenges. One common issue that developers often encounter is the “Invalid viewstate error” in ASP.NET pages. In this article, we will explore this error and provide solutions to resolve it.

Understanding the Invalid Viewstate Error

The viewstate is a used by ASP.NET to persist the state of a web page across postbacks. It is a hidden field that stores the of controls on the page. When a postback occurs, the viewstate is sent back to the server, allowing it to recreate the page and restore the control values.

However, sometimes developers may encounter an “Invalid viewstate” error, which occurs when the server detects that the viewstate has been tampered with or is invalid. This can happen due to various reasons, such as:

  • Modifying the viewstate on the client-side using JavaScript
  • Manipulating the viewstate during transmission
  • Using an outdated or incorrect viewstate

Solutions to the Invalid Viewstate Error

1. EnableViewStateMac

One way to prevent the Invalid viewstate error is by enabling the ViewStateMac property. This property adds a authentication code (MAC) to the viewstate, ensuring its integrity. To enable ViewStateMac, add the following code at the beginning of your ASP.NET page:

Enabling ViewStateMac helps protect against viewstate tampering and ensures that the viewstate is valid when received by the server.

2. ViewState Encryption

Another approach to address the Invalid viewstate error is by encrypting the viewstate. This adds an extra layer of security and prevents unauthorized modifications. To enable viewstate encryption, add the following code at the beginning of your ASP.NET page:

By setting the ViewStateEncryptionMode to “Always,” the viewstate will be encrypted being sent to the client and decrypted on the server-side. This ensures that the viewstate remains and cannot be tampered with.

3. ViewState Validation

ASP.NET provides built-in validation mechanisms to detect tampering of the viewstate. By enabling viewstate validation, the server can verify the integrity of the viewstate and reject any invalid or tampered viewstate. To enable viewstate validation, add the following code at the beginning of your ASP.NET page:

Enabling viewstate validation ensures that the viewstate is valid and has not been tampered with. If an invalid viewstate is detected, ASP.NET will throw an , preventing the page from loading.


The “Invalid viewstate error” in ASP.NET pages can be a frustrating issue for developers. However, by the solutions mentioned above, you can prevent and resolve this error. Enabling ViewStateMac, ViewState Encryption, and ViewState Validation provide security and ensure the integrity of the viewstate. By following these best practices, you can enhance the reliability and security of your ASP.NET applications.

Rate this post

Leave a Reply

Your email address will not be published. Required fields are marked *

Table of Contents