We have an HttpHandler that deals directly with binary posts over HTTP from custom client software. The client software occasionally sends data which results in IIS 7 responding with a 400 - Bad Request. Since the "400 Bad Request" is special in that HTTP.SYS transparently handles it in kernel mode without notifying user mode of anything, no errors are raised to be handled in ASP.NET. Is it possible to catch this http 400 in ASP.NET, so that I can write specific data to the Response stream in these scenarios? A redirect to another page isn't an option as it needs to be in the current Request/Response.
+1
A:
If you know what is causing the 400, then you may be able to customise the behaviour of http.sys via the registry to deal with it:
http://support.microsoft.com/kb/820129
However, you should be aware that there are potential security and performance ramifications of doing this.
Another option would be to use a filtering proxy before IIS, thereby capturing the request before it goes any further.
Dave R.
2008-12-05 11:21:02
The error is from an invalid content length header, which according to this: http://technet.microsoft.com/en-us/library/cc786188.aspx can't be customized. It looks like it may not be possible without basically writing your own http server at this point.
duckworth
2008-12-05 12:41:42
A:
If your custom client causes IIS to trigger HTTP 400, it's probably flawed and is not submitting valid HTTP requests according to the standard. If you can alter the client, it would be the right thing to do. Otherwise, what you're working with is not HTTP, and IIS is designed to handle HTTP requests. Therefore, you should run a custom server for your own protocol (which is a non-standard HTTP like thing).
It's not advised to use IIS/ASP.NET to handle such a request as it might cause some weird unexpected things to happen.
Mehrdad Afshari
2008-12-05 13:36:12
The error is due to an invalid content length header from a corrupt payload. Changing the client software isn't an option and I just need to send down a customized http response to inform the client to clear it's payload, but there is no way for me to trap the 400 error and send the client anything.
duckworth
2008-12-05 13:46:21
Whatever it is, what you need is a server that handles the non-standard protocol (= standard with implementation bugs). You should probably write a custom server that handles this issue. I think Dave R.'s proxy filtering solution is the best idea. Any solution is an ugly hack nevertheless.
Mehrdad Afshari
2008-12-05 15:16:10
+1
A:
I would instead ask them to fix the custom client software. Give them a report showing the failed requests. If you are able to, run a sniffer such as Wireshark and send them the packets if they do not believe the problem is with their software.
BuzzAnn
2009-04-29 15:35:24