Restful post throws 400 invalid url when reaching 295 chars

Question

I've created a restful webservice with Web-Api.

I'm trying to do a post at this url

../api/AAEAAAD_____AQAAAAAAAAAMAgAAAEVPYmplY3RUb0Jhc2U2NCwgVmVyc2lvbj0xLjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPW51bGwFAQAAABlPYmplY3RUb0Jhc2U2NC5DcmVkZW50aWFsAgAAABk8VXNlcm5hbWU-a19fQmFja2luZ0ZpZWxkGTxQYXNRmllbGQBAQIAAAAGAwAAAA5hd2NhQGF0ZWEtYW5jdAYEAAAAC0czcnRtNG5zMGZ0CwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/say

The base64 is encoded with

HttpServerUtility.UrlTokenEncode();

I get a "HTTP Error 400. The request URL is invalid." when trying to do a post.

I've tried setting maxUrlLength as I've seen a few others with the same type of problem, alas, this did not help.

So far, I've tried

changing maxUrlLength in web.config.
Setting UrlSegmentMaxLength in Registry

nothing has worked so far. I've found the magic number to be 294 allowed chars in the full url meaning -> If I cut of some of the characters from the long string until i get to 294 characters, everything works as intented, as to why certain it's not a routing problem nor a problem with my post method

Any good ideas as to what can be the issue?

For anyone trying to achieve the same thing I'm trying - Heres my route

  config.Routes.MapHttpRoute(
            name: "DefaultApi",
            routeTemplate: "api/{key}/{controller}/{id}",
            defaults: new { key=RouteParameter.Optional,id = RouteParameter.Optional }
            );

and my Post method

public string Post(string key)
    {
       if(ConvertFromBase64(key))
       {
       //Do stuff
       }
    }

Not an answer to your question but should that token be in a header? (an auth token?) Seems like an awful url ;) — bryanmac, Nov 04 '14 at 12:20
I didn't remove them, but please leave out the excessive headers, it doesn't make the post more readable, on the contrary even. Also, _"What did you try?"_ doesn't mean _"What is your code?"_, but _"What have you tried to resolve the issue"_. See for example the very related question [Bad Request - Invalid URL web api](http://stackoverflow.com/questions/17990427/bad-request-invalid-url-web-api). — CodeCaster, Nov 04 '14 at 12:26
it seems like you got a downvote because of some bold text.., unbelievable — Felipe Pereira, Nov 04 '14 at 12:29
I do not understand what you mean after "Also" - and I've removed the headers, although I disagree with you. — VisualBean, Nov 04 '14 at 12:29
Surely, if you're doing a POST anyway, the token should be in the POST data, not the URL? — DrDeth, Nov 04 '14 at 12:31
Check your app pool. I know there's a setting in there to control the body size for posts. Maybe there's one for url length. Also, I'd suggest rolling this long thing into a header, or convert it to a post and put it in the body. — Jason, Nov 04 '14 at 12:50
@CodeCaster, are you seriously asking me if I can see the downvote reason? — Felipe Pereira, Nov 04 '14 at 12:53
Can you show us how you call the method from the client and also if possible, the simplified controller method and its attribute decoration, if any. — Francis Ducharme, Nov 04 '14 at 16:29
You should see a sub status when invoking the api from localhost, could you include the sub status in your post? I'd also be interested in your web api router setup — saintedlama, Nov 04 '14 at 18:05
@FrancisDucharme my post is working fine when I use the shorter url. #saintedlama - the routing is working just fine, as I've previously stated, the whole thing works, when using a url shorter than 295 characters. but my route is api/{key}/{controller}/{id} with key and id as optional - I've also got a https filter, but as previously stated - Everything works as intended when url is shorter than 295 — VisualBean, Nov 04 '14 at 18:19

score 1 · Answer 1 · answered Mar 12 '15 at 20:45

Try with the key in the query string instead?

public class SomeController : Controller
    [Route("api/say")]
    public ActionResult Say(string key) {
    }

With a url like

../api/say?key=AAEAAAD_____AQAAAAAAAAAMAgAAAEVPYmplY3RUb0Jhc2U2NCwgVmVyc2lvbj0xLjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPW51bGwFAQAAABlPYmplY3RUb0Jhc2U2NC5DcmVkZW50aWFsAgAAABk8VXNlcm5hbWU-a19fQmFja2luZ0ZpZWxkGTxQYXNRmllbGQBAQIAAAAGAwAAAA5hd2NhQGF0ZWEtYW5jdAYEAAAAC0czcnRtNG5zMGZ0CwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2

score 0 · Answer 2 · answered Nov 04 '14 at 18:37

0

I know you tried through the web.config file, but can you try to increase the maxLength of the key parameter, like such ?

config.Routes.MapHttpRoute(
        name: "DefaultApi",
        routeTemplate: "api/{key:maxlength(500)}/{controller}/{id}", //whatever is the max length of your parameter...
        defaults: new { key=RouteParameter.Optional,id = RouteParameter.Optional }
        );

answered Nov 04 '14 at 18:37

Francis Ducharme

4,848
6
43
81

@AlexCarlsen My recommendation is to pass this token in query string not part of the URI, you do not know what characters might be in this token, and some chars will not be acceptable to be part of the URI. – Taiseer Joudeh Nov 04 '14 at 21:55
@TaiseerJoudeh I'd agree with that too, unless Alex is sure no conflicting garbage will ever get in there. – Francis Ducharme Nov 04 '14 at 21:57
1

from MSDN: HttpServerUtility.UrlTokenEncode - "Encodes a byte array into its equivalent string representation using base 64 digits, which is usable for transmission on the URL." So no garbage can never come from this – VisualBean Mar 13 '15 at 04:21

Restful post throws 400 invalid url when reaching 295 chars

2 Answers2