I'm bumping into issues with Microsoft Security Advisory (2659883) as a result of uploading 785k html content.
The viewstate on the control when re-rendered adds 1000+ viewstate elements, presumably mirroring the contents of the control, which causes the web server to throw an error when I try and post back an update.
I'm finding that when I disable on the control, these form elements no longer render, and the problem goes away.
If I do this:
<CE:Editor ID="EnhancedTextEditor" runat="server" Height="500px" EnableViewState="false"....
Will this behave nicely? Will the editor work without viewstate enabled?
I didn't see anything pre-existing in the forums related to disabling viewstate on the Editor control.
Steps to reproduce:
1) Start with an empty editor (no content inside) - upload about a megabyte of textual pure html information into the editor
2) Re-render the page with the editor.
3) View Source
4) validate that you have 1000+ __VIEWSTATE#### elements on your rendered page
5) erase the contents of the editor, and put in a few characters to replace it
6) post back - a patched web server should reject the request, not because of the new content, but because of all the old content stashed in viewstate.
Thanks