These are done to ensure that the package writer is alerted ASAP to problems with the package.Execution validation is perhaps where most folks get tripped up.Everything in the package gets validated from the package down to the containers to the components. Then, when the runtime calls execute on each task, the Task Host calls validate again. In fact, if you were to look at the Task Host code, you'd see something like this: Now, some tasks aren't going to be ready to execute when the package Execute() method gets called.
You will need to add this protection manually if any input will be used in HTML output.
For example if user input is returned to the browser as the result from an AJAX request to a Web API method.
Now the problem is, when do components get validated?
Essentially we look at validation in a number of different ways depending on the situation.
So a host process loads the package and executes it. Since we want folks to always do strict validation, (remember no light validation), and since packages have the notion of late configuration or dynamic configuration via property expressions and foreach loops etc., and since we make the assumption that you would rather have a task fail validation then to corrupt data or otherwise fail execution in a destructive way, we validate twice.
When the designer calls Execute() on the package, the package validates. We validate the whole package and we validate each individual task right before execution.
They may be waiting for a file to be generated or dropped etc.
So, if there was no way to validate tasks after Execute() gets called on the package, the package would never run successfully.
To ensure this is configured correctly request Validation Mode should be set to "4.0" (or not set at all) in web.config: There are enhancements added to request validation starting with ASP.
NET 4.5 that include deferred ("lazy") validation, the ability to opt-out at the server control level, and the ability to access unvalidated data.
If you're designing a package, you'd like to know that it has errors during design, not when you go to execute it.