a. Supported by all the browsers b. can be useful for executing database queries without needing textboxes and button for entring the input and submitting c. Easy to use.
Disadvantages: a. All the information in querystring is visible to user not secure. b. limited to URL length of 255 characters.
if u have a large data my suggestion is go ahead with cross page posting or session
how cross page posting can apply is write the content in a hidden field and access it from page 2
chk out :: http://simplyasp.blogspot.in/2011/02/getting-value-from-previous-page-or.html
If u find this post helpful.Please mark as answer.
As you suggested, we will not be able to use hidden fields or session variables, as the request is to wcf service through JavaScript (ExtJS Ajax). Therefore, it has to come through querystring. Also, as per documentation, it is currently allowing 2048 characters
through querystring. However, the requirement demands more. So, we need to set maxQueryStringLength in web.config to higher value so that we can send more bigger querystring through request. Therefore, we need to evaluate whether there is any drawback of increasing
this setting.
As mentioned there is provision to increase the max querylength in httpruntime of web.config. I have set it to 10000 characters default being 2048. I need to know whether there is any disadvantage of increasing this limit.
As mentioned there is provision to increase the max querylength in httpruntime of web.config. I have set it to 10000 characters default being 2048. I need to know whether there is any disadvantage of increasing this limit.
I guess there is a potential DOS vulnerability but that depends on how you actually handle the request. hmmm
I can't see any other security flaws unless somehow putting something longer on the query string besides a browser limit can be harmful. Do browser max length query strings take precedence over this value is another question I don't
have the answer to. Thanks for asking though, maybe someone on here can shed more light on this.
more info :: http://www.element-it.com/onlinehelp/webconfig.html
If u find this post helpful.Please mark as answer.
As mentioned there is provision to increase the max querylength in httpruntime of web.config. I have set it to 10000 characters default being 2048. I need to know whether there is any disadvantage of increasing this limit.
I guess there is a potential DOS vulnerability but that depends on how you actually handle the request. hmmm
I can't see any other security flaws unless somehow putting something longer on the query string besides a browser limit can be harmful. Do browser max length query strings take precedence over this value is another question I don't
have the answer to. Thanks for asking though, maybe someone on here can shed more light on this.
more info :: http://www.element-it.com/onlinehelp/webconfig.html
Amol_India
Member
1 Points
4 Posts
maxQueryStringLength drawbacks
Jan 29, 2013 02:36 AM|LINK
Hi,
Is there any drawback of increasing maxQueryStringLength in ASP.NET? if yes, what is the optimum value that can be set?
Thanks,
Amol.
arunoyour
Participant
1089 Points
261 Posts
Re: maxQueryStringLength drawbacks
Jan 29, 2013 03:25 AM|LINK
query string
Advantages:
a. Supported by all the browsers
b. can be useful for executing database queries without needing textboxes
and button for entring the input and submitting
c. Easy to use.
Disadvantages:
a. All the information in querystring is visible to user not secure.
b. limited to URL length of 255 characters.
if u have a large data my suggestion is go ahead with cross page posting or session
how cross page posting can apply is write the content in a hidden field and access it from page 2
chk out :: http://simplyasp.blogspot.in/2011/02/getting-value-from-previous-page-or.html
Visit :: www.simplyasp.blogspot.com
Stay tune...Keep alive
Amol_India
Member
1 Points
4 Posts
Re: maxQueryStringLength drawbacks
Jan 29, 2013 04:55 AM|LINK
Hi arunoyour,
Thanks for your reply.
As you suggested, we will not be able to use hidden fields or session variables, as the request is to wcf service through JavaScript (ExtJS Ajax). Therefore, it has to come through querystring. Also, as per documentation, it is currently allowing 2048 characters through querystring. However, the requirement demands more. So, we need to set maxQueryStringLength in web.config to higher value so that we can send more bigger querystring through request. Therefore, we need to evaluate whether there is any drawback of increasing this setting.
Thanks,
Amol.
arunoyour
Participant
1089 Points
261 Posts
Re: maxQueryStringLength drawbacks
Jan 29, 2013 05:51 AM|LINK
ok try ajax post method then using json format because it light weighted its fast.
chk out :: http://www.c-sharpcorner.com/uploadfile/b19d5a/inserting-and-fetching-data-using-wcf-rest-service-and-jquery-in-Asp-Net-mvc-2/
here also as u metioned . u need to increase the datacount in webconfig.
Visit :: www.simplyasp.blogspot.com
Stay tune...Keep alive
Amol_India
Member
1 Points
4 Posts
Re: maxQueryStringLength drawbacks
Feb 08, 2013 01:04 AM|LINK
Thanks,
As mentioned there is provision to increase the max querylength in httpruntime of web.config. I have set it to 10000 characters default being 2048. I need to know whether there is any disadvantage of increasing this limit.
arunoyour
Participant
1089 Points
261 Posts
Re: maxQueryStringLength drawbacks
Feb 08, 2013 06:00 AM|LINK
I guess there is a potential DOS vulnerability but that depends on how you actually handle the request. hmmm I can't see any other security flaws unless somehow putting something longer on the query string besides a browser limit can be harmful. Do browser max length query strings take precedence over this value is another question I don't have the answer to. Thanks for asking though, maybe someone on here can shed more light on this.
more info :: http://www.element-it.com/onlinehelp/webconfig.html
Visit :: www.simplyasp.blogspot.com
Stay tune...Keep alive
Amol_India
Member
1 Points
4 Posts
Re: maxQueryStringLength drawbacks
Feb 13, 2013 01:55 AM|LINK