Bad Request Error In Asp.net
LaingJanuary 29, 20095 0 0 0 After sending an HTTP request to an IIS server, an HTTP client (such as Internet Explorer) may display the following type of error message in the browser window: If Internet Explorer’s Friendly HTTP Error Messages option is turned off, the error may resemble the following: In these scenarios, IIS has rejected the client’s HTTP request because it did not meet the server’s parsing rules, or it exceeded time limits, or failed some other rule that IIS requires incoming requests to adhere to. IIS sends the HTTP 400 – Bad Request status back to the client, and then terminates the TCP connection. Troubleshooting When troubleshooting an HTTP 400 condition, it is important to remember that the underlying problem is that the client has sent a request to IIS that breaks one or more rules that HTTP.sys is enforcing. With that in mind, you will want to see exactly what the client is sending to IIS; to do this, capture a network trace of the client sending the bad request. You can analyze the trace to see the raw data that the client sends to IIS, and to see the raw response data that IIS sends back to the client. You can also use an HTTP sniffer tool called Fiddler; this is a great tool as it allows you to see the HTTP headers even if the client and server are communicating over SSL. The next data item you will want to use is the httperr.log file. Beginning in IIS 6.0, the HTTP.sys component handles incoming HTTP requests before they are passed along to IIS, and is the component responsible for blocking requests that don’t meet the IIS requirements. When HTTP.sys blocks the request, it will log information to its httperr.log file concerning the bad request. NOTE: For more information on the HTTP API error logging that HTTP.sys provides, see the following article: Error logging in HTTP API http://support.microsoft.com/?id=820729 It is technically possible, although not very likely, that a client will receive an HTTP 400 response which does not have an associated log entry in the httperr.log. This could happen if an ISAPI filter or extension or an HTTP module in IIS sets the 400 status, in which case you could look at the IIS log for more information. It could also happen if an entity between the client and the server, such as a proxy server or other network device, intercepts a response from IIS and overrides it with its own 400 s
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 4.7 million programmers, just like you, helping each other. Join them; https://blogs.msdn.microsoft.com/webtopics/2009/01/29/how-to-troubleshoot-http-400-errors/ it only takes a minute: Sign up How do I return an HTTP 400 - Bad Request error from a web form request? up vote 1 down vote favorite The subject pretty much says it all. I have an EstateReport web form that must be called with an EstateId request parameter. I want to return an appropriate HTTP error is http://stackoverflow.com/questions/7166410/how-do-i-return-an-http-400-bad-request-error-from-a-web-form-request this parameter us not present. How do I return an HTTP error 400 as my response? On a tangent, should I return an error if the required parameter isn't present, which I feel is more correct, or redirect to the search page for the report, which is more user friendly? asp.net webforms asp.net-4.0 share|improve this question asked Aug 23 '11 at 19:23 ProfK 12.4k63251493 add a comment| 3 Answers 3 active oldest votes up vote 1 down vote accepted So from what I understand the form requires a parameter to display results in a meaningful way. A 400 is a Bad Request, while I understand your thinking, the specification states: "The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications." In its purest sense, if someone requests say "EstateReport.aspx" without a parameter, the server can still interpret this and reply with an appropriate response, so its not a "bad request" in its broadest sense. What I would suggest is you detect the absence of the param
returning a Bad Request error. On initial inspection, I was unable to reproduce the issue. After talking to our product manager, I learned that he was trying to seed the search with the text “% %”. https://lostechies.com/joshuaflanagan/2009/04/28/asp-net-400-bad-request-with-restricted-characters/ We have a quick search text box that lets you enter your criteria, and it http://forums.asp.net/t/1731158.aspx?HTTP+Error+400+Bad+Request has some built in rules about which fields it applies the criteria to. If you need more control over the criteria, you can enable the advanced search, and your quick search criteria will automatically be populated in the advanced search page. The way we were doing that was by passing the criteria in the URL, as in: http://localhost/dovetailcrm/contacts/query/yourbasiccriteria. To seed the bad request advanced search for “% %’, it would load http://localhost/dovetailcrm/contacts/query/%25%20%25 (% URI encodes as %25, space encodes as %20) We were properly encoding the request, so what the problem? Attempting to load that URL would cause the error: 400 Bad Request ASP.NET detected invalid characters in the URL. Proceed at your own risk My first instinct was to suspect URLScan, or the IIS 7.0 equivalent. After a bit of googling, it became apparent that ASP.NET really didn’t like bad request error it when you tried to pass a %, &, *, or : in the URL. The various fixes were scattered around different forum posts, but summed up nicely at Dirk.Net. Unfortunately, the only answer seemed to be “make a registry change” or “don’t pass those characters in your URL”. That didn’t sit well with me – it didn’t seem right that there was no way to pass those characters in the URL without having to change your server configuration which could potentially expose your site to security risks. Just because you can, doesn’t mean you should After a little bit of experimentation, I discovered that you certainly CAN pass those characters in a URL: they just have to be passed in the query string (the part after the question mark). It suddenly started to make sense why there was not a whole lot of information on this error, and why the little information that was available seemed to be related to ASP.NET MVC. Up until ASP.NET MVC (or more accurately, System.Web.Routing), you would almost always send parameterized data in the URL as part of the query string. It wasn’t until we got Routing that we started putting parameters in the path portion of the URL. So after making a short story long, the solution was to simply pass the information the old fashioned way, in the query string: http:
ASP.NET Community Standup Forums Help Home/ASP.NET Forums/General ASP.NET/Getting Started/HTTP Error 400: Bad Request HTTP Error 400: Bad Request [Answered]RSS 2 replies Last post Oct 18, 2011 04:53 AM by salman behera ‹ Previous Thread|Next Thread › Print Share Twitter Facebook Email Shortcuts Active Threads Unanswered Threads Unresolved Threads Support Options Advanced Search Reply MoneyRan Member 55 Points 224 Posts HTTP Error 400: Bad Request Oct 17, 2011 12:45 PM|MoneyRan|LINK I have the following line in my page mark up: