Here we will discuss about What is AllowUnsafeUpdates in SharePoint 2010?
Also check out:
- Get all security group names using SharePoint object model
- Get icon for different file types in SharePoint 2010
- Twitter SharePoint webpart
According to msdn The AllowUnsafeUpdates property of the SPWeb class gets or sets a Boolean value that specifies whether to allow updates to the database as a result of a GET request or without requiring a security validation.
If you set it to true, then it will update values to the content database but there is a security risk.
It always took boolean values, TRUE means unsafe updates are allowed, FALSE means unsafe updates are not allowed.
If you are developing a webpage that will respond to HTTP GET requests, or a custom web form page that doesn’t inherit from the WebPartPage type and doesn’t use the Form Digest control, you will need to instruct SharePoint to skip the digest validation; otherwise, your code will not work.
For example if you want to change a list's title by using object model then you have use the
AllowUnsafeUpdates property as below.
SPWeb web = SPContext.Current.Web
SPList list = web.Lists["OurCustomList"];
try
{
web.AllowUnsafeUpdates = true;
list.Title = "My List Title Changed";
list.Update();
}
finally
{
web.AllowUnsafeUpdates = false;
}
It is always advisable to revert the AllowUnsafeUpdates value to false after executing your code.
Remember if you inherit the page from WebPartPage class then no need to use AllowUnsafeUpdates.
Also check out:
- Get all security group names using SharePoint object model
- Get icon for different file types in SharePoint 2010
- Twitter SharePoint webpart
According to msdn The AllowUnsafeUpdates property of the SPWeb class gets or sets a Boolean value that specifies whether to allow updates to the database as a result of a GET request or without requiring a security validation.
If you set it to true, then it will update values to the content database but there is a security risk.
It always took boolean values, TRUE means unsafe updates are allowed, FALSE means unsafe updates are not allowed.
If you are developing a webpage that will respond to HTTP GET requests, or a custom web form page that doesn’t inherit from the WebPartPage type and doesn’t use the Form Digest control, you will need to instruct SharePoint to skip the digest validation; otherwise, your code will not work.
For example if you want to change a list's title by using object model then you have use the
AllowUnsafeUpdates property as below.
SPWeb web = SPContext.Current.Web
SPList list = web.Lists["OurCustomList"];
try
{
web.AllowUnsafeUpdates = true;
list.Title = "My List Title Changed";
list.Update();
}
finally
{
web.AllowUnsafeUpdates = false;
}
It is always advisable to revert the AllowUnsafeUpdates value to false after executing your code.
Remember if you inherit the page from WebPartPage class then no need to use AllowUnsafeUpdates.
Hello, my name is Bijay. I'm a SharePoint MVP. 