Last post Jun 28, 2011 09:57 PM by Bitnbytes
Jan 20, 2011 05:35 AM|VincentITA|LINK
Hello to all community.
I've got a very strange error and i'm really not able to detect why.
I have a little asp net 4 website running on IIS6, and works perfectly.
I configured cookieless to autodetect and all looks like ok.
I'm in trouble about 2 my internal users.
Looks like they have no cookies allowed, and so asp net uses Session ID in query string, making pages like
Mmm, in the reality the session ID is very longer, like
And mabye also longer. I will past one, when i will got.
I already checked browser, they are ok.
Anyway i said, no problem, if it works.
The main problem is on these 2 PC (where session id is embedded into query string), suddenly appears a 404 - Bad request page.
I tried to replicate problem on my develop machine but NEVER happens and never appears session ID in query string.
I tried all cookieless combination, i enlarged maxrequestquerystring limit, and allowed all chars
<httpRuntime executionTimeout="120" maxRequestLength="10000" maxQueryStringLength="10000" requestPathInvalidCharacters=""/>
I've also disabled validation request in <page> section of web config
I also formatted PC with this issue: nothing. SessionID continues to appear on query string.
I do not know what to do!!
The site uses SqlMembership and SqlRole Manager if it can help.
Please help me, i really do not know how to get out this situation.
Jan 20, 2011 09:43 AM|sachingusain|LINK
suddenly appears a 404 - Bad request page.
Try to check IIS logs and see what page is throwing this error? Is it just one page or there are other pages too?
Jan 20, 2011 01:59 PM|VincentITA|LINK
Thank you for the reply.
I enabled IIS log following this procedure. http://support.microsoft.com/kb/313437
Is that right? What should i look for when error appears?
Anyway i found that logs were already enabled, so i read this and tried to get out informations
But not able to get what i need.
Mabye no query here listed can get out error details??
Here, here, i got it, i got it!
I found it in http.sys. This is what i was trying to say:
2011-01-20 15:51:42 18.104.22.168 59118 192.168.0.250 2503 HTTP/1.1 GET /AzbuyLocal/(X(1)S(kfzq2dk42ls3x0zq3vrnmh3c)F(8E4444A148C075FA0B91B397DC9B1C9F3CC1A34A1C1D74B68559983620C120C32C1B71EC6EE0EB7D7997ED64DF6D740B5A28FBA850899350C91505673DAE1EDE323CC478CC03DD8F5189E18E8B9D9F37E7F92BA613CDDE3A74EA3DF73497E50A52A7D178752C50BBCD9AC455D53E95B535C304DE61ACCAC2570DA6717467FC5AF47BDD25B4A0455B290354AA70465E7B))/CliMode.aspx?ragsoci=LEVA+SRL
400 - URL -
I paste here also few lines before and after:
2011-01-20 15:41:30 22.214.171.124 59971 192.168.0.250 443 - - - - - Timer_ConnectionIdle -
2011-01-20 15:42:28 192.168.0.61 1737 192.168.0.250 80 HTTP/1.1 OPTIONS / 400 - Hostname -
2011-01-20 15:42:55 126.96.36.199 59973 192.168.0.250 443 - - - - - Timer_ConnectionIdle -
2011-01-20 15:46:05 188.8.131.52 49788 192.168.0.250 443 - - - - - Timer_ConnectionIdle -
2011-01-20 15:48:35 192.168.0.164 2574 192.168.0.250 2503 - - - - - Timer_ConnectionIdle -
2011-01-20 15:51:55 184.108.40.206 33815 192.168.0.250 443 - - - - - Timer_ConnectionIdle -
2011-01-20 16:05:25 220.127.116.11 1178 192.168.0.250 443 - - - - - Timer_ConnectionIdle -
2011-01-20 16:05:44 192.168.0.61 2660 192.168.0.250 80 HTTP/1.1 OPTIONS / 400 - Hostname -
2011-01-20 16:11:35 18.104.22.168 54611 192.168.0.250 2503 - - - - - Timer_ConnectionIdle -
2011-01-20 16:16:00 192.168.0.65 3598 192.168.0.250 80 HTTP/1.1 OPTIONS / 400 - Hostname -
2011-01-20 16:17:40 22.214.171.124 41899 192.168.0.250 2503 - - - - - Timer_ConnectionIdle -
Jan 21, 2011 03:10 PM|VincentITA|LINK
nobody can help me?
Jan 25, 2011 05:47 AM|VincentITA|LINK
Should i post question in other microsoft forums?
I've tried everything!!!
Jan 26, 2011 06:41 AM|cts-mgraham|LINK
This is usually a proxy issue - see if you can follow this article and let us know if it helps:
909622 Error message when a client tries to open a Web site for the first time: "HTTP 400 - Bad Request"
Jan 26, 2011 08:56 AM|VincentITA|LINK
I will try, even if it never happens on first time.
Jan 30, 2011 10:51 AM|cts-mgraham|LINK
Did this help?
Jan 30, 2011 11:00 AM|VincentITA|LINK
Mmm, in the facts i do not know, becouse beyond your suggestion i applied in same time also this one:
And it works, but don't know which one solved issue.
Jun 28, 2011 07:59 PM|dean_goddard|LINK
We had a similar issue where we needed to run a site cookieless to sit inside our clients I-Framed website. When users with longish email addresses attempted to login there hit the dreaded BAD REQUEST error.
The issue is because the cookie being passed in the URL resides in one URL segment - that is the characters between two forward slashes. And that default length is 260 characters. Our url cookie segments were hitting 370 characters.
Setting HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\UrlSegmentMaxLength DWORD (512)
greater than the default to say 512 (max 32768) will overcome any Bad Request errors.
See http://support.microsoft.com/kb/820129 for more info, but don't be fooled by the date - this still applies now.
What is interesting is this still applies to June 2011 tech - namely IIS 7.5, Windows Server 2008 and ASP.NET 4.0. Searching for this fix implies a 3 year old issue which is 30 IT years.
Jun 28, 2011 09:57 PM|Bitnbytes|LINK
IIS7+ allows you to control URL length and query length from IIS manager. You should be able to use those two values instea of manipulating registry directly.