Recently we encountered with strange error. On production environment during saving of publishing page (draft or publish) we got the following error:
"The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again."
or on Russian (I add it in order to simplify searching for developers from Russia because I needed to create site on English in order to reproduce this error and then search for error on English :) ):
“Данные проверки безопасности этой страницы недопустимы. Нажмите кнопку ''Назад'' обозревателя, обновите страницу и повторите попытку”
The strange thing was that on our development environment everything was ok. After digging into the error I found that some people solve this error by setting in Central Administration > Application Management > Web Application General Settings > Web Page Security Validation to Off. It works in our case too. But we didn’t want to use this approach because it affects whole web application. Also the exact reason of this problem was still unknown.
After more deeper investigation I found that this message is related with FormDigest control which should present on page in order to avoid this error. In most of cases it is located in master page of web site in special content placeholder PlaceHolderFormDigest:
This was a problem: some brave designer changed master page on production by adding Visible=”false” to this placeholder:
After thankful thoughts about this designer we added FormDigest control directly in our publishing page layout (see also this post for details). Another possible solution is to remove Visible=”false” attribute from content placeholder PlaceHolderFormDigest on master page. After this change everything works – pages created based on our publishing page layout now can be saved in drafts or published. Hope it will help someone.