IIS 7 and Above
Application Request Routing (ARR)
HTTP 400 Errors - Using Rewrite Rule to Redirect the Request via IIS...
Last post Sep 17, 2018 11:51 AM by lextm
Sep 14, 2018 04:06 AM|Ronak29|LINK
I am having a problem when I use ARR in IIS to redirect the traffic when I get longer URLs from Proxy Application. It is throwing HTTP 400 Bad Request when longer URLs are coming up (>~ 260 Characters). I have tried to increase the size of UrlSegmentMaxLength
in Registry editor however it is still creating the problem and some of the requests which are crossing >260 characters are not working (This is actually long URL and not a Query String Parameters).
We tried to restart IIS as well as HTTP service along with modifying maxUrlLength, maxQueryStringLength, MaxFieldLength and MaxRequestBytes as a workaround however we are still facing a same 400 errors. We cannot convert our proxy application to reduce the
URL size or convert into Post request.
Is there any solution for this problem to override URL limits in IIS apart from what I have already tried?
Sep 14, 2018 12:13 PM|lextm|LINK
It is throwing HTTP 400 Bad Request
Use failed request tracing to see the source of such 400 responses, https://docs.microsoft.com/en-us/iis/troubleshoot/using-failed-request-tracing/troubleshooting-failed-requests-using-tracing-in-iis
Sep 17, 2018 07:45 AM|Ronak29|LINK
Thank you for offering me suggestion. I have tried to enable Failed Request Tracing and I could see 400 errors are logging in there. However, I do not see any concrete reason why it is still failing after reviewing FRTL. My requests are still failing if
URL path is crossing > 260 which indicates something wrong about setting my Registry setting for UrlSegmentMaxLength (which I tried to reboot both HTTP service and system).
Do you have any other suggestion please?
Sep 17, 2018 11:51 AM|lextm|LINK
However, I do not see any concrete reason why it is still failing after reviewing FRTL.
That's normal as analyzing such requires experience.
Open a support case via http://support.microsoft.com
and share the logs with Microsoft (because they can contain confidential information about your system, which is not easy to mask by hand).
If you insist analyzing on your own, I suggest you do more experiments and see if you can understand how the tracing works, and how to interpret the information it generates.