Monday, September 21, 2009

Personalization and Audience Targeting Reset Page Content Bug

Scenario
  • Personalization and Web Part Audience Targeting are both enabled on a MOSS 2007 page.
  • Some web parts are audience trimmed for a particular user
  • That user personalizes the page
  • The user selects "Reset Page Content" from the User Welcome Menu
    • Or they select "Reset Web Part Content" from the Web Part's "Edit" menu
Issue
  • The audience trimmed web parts are incorrectly shown to the user
    • This may be a security issue if the audience targeted web part has confidential information on it
  • After refreshing the page, the page displays correctly
Resolution
  • I developed the following simple workaround
Workaround
  • Add the following usercontrol (2 files) to the 12 Hive\Template\ControlTemplates folder
    • PersonalizationResetPageContentRefreshBugFix.ascx
      • <%@ Control Language="VB" AutoEventWireup="false" CodeFile="PersonalizationResetPageContentRefreshBugFix.ascx.vb" Inherits="UserControls_PersonalizationResetPageContentRefreshBugFix" %>
    • PersonalizationResetPageContentRefreshBugFix.ascx.vb
      • Partial Class UserControls_PersonalizationResetPageContentRefreshBugFix
    Inherits System.Web.UI.UserControl

    Protected Sub Page_PreRender(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.PreRender
        Dim strPageRestore As String = Request.Form.Get("MSOWebPartPage_RestorePageDefault")
        Dim strPartRestore As String = Request.Form.Get("MSO_RestoreSettings")
        If Not String.IsNullOrEmpty(strPageRestore) OrElse _
                Not String.IsNullOrEmpty(strPartRestore) Then
            'Force a client side redirect and end response so no untargeted info goes to client.
            Response.Redirect(Page.Request.Url.AbsoluteUri, True)
            'Response Ends
        End If
    End Sub
End Class
  • Add the following lines to each master page where personalization and audiences are used
    • The following line goes with the other Register tags at the top of the master page
      <%@ Register TagPrefix="wssuc" TagName="PersonalizationResetBugFix" src="~/_controltemplates/PersonalizationResetPageContentRefreshBugFix.ascx" %>
    • The following line goes within the BODY/FORM section
      • <wssuc:PersonalizationResetBugFix id="IdPersonalizationResetBugFix" runat="server" EnableViewState="false"/>
Posted by at
Labels: , , , ,

2 comments:

  1. RobertRFreemanSeptember 21, 2009 at 2:40 PM

    Note that that this came about after unsuccessfully trying to get MS support to fix the issue over 6 months. I was finally authorized to spend some time to figure out a workaround and came up with this within a day.
    Here is the Forum that describes the issue in more detail: http://social.technet.microsoft.com/Forums/en-US/sharepointadmin/thread/8a163cef-a78e-4fe0-ac20-6dcd011a6836

    ReplyDelete
  2. RobertRFreemanSeptember 29, 2009 at 5:41 PM

    I updated this code to handle both the Web Part and Page level resets.

    ReplyDelete

Subscribe to: Post Comments (Atom)