Web.config file settings for long querystring

Question

I have a large form that gets executed and spits out a query string that very long. sometimes it's only 50 characters and sometimes it's reaching 50k characters. The problem is, i notice once the query string hits about 7500 characters, i get

"The connection was reset. The connection to the server was reset while the page was loading."

I get this in explorer, firefox and chrome. I have adjusted my web.config file to allow for many characters and sizes, but i am still getting this error after 7500 characters. (that is not an exact number its a guesstimate)

I'm not sure if I am missing something or not

Here is my web.config file

<configuration>
<system.webServer>
    <httpErrors errorMode="Detailed" />
    <asp scriptErrorSentToBrowser="true"/>
</system.webServer>

<system.webServer>
<security>
<requestFiltering>
  <requestLimits maxQueryString="90000"/>
  <requestLimits maxUrl="90000">
</requestFiltering>
</security>
</system.webServer>

<system.web>
<httpRuntime 
maxQueryStringLength="90000" 
maxUrlLength="90000" 
relaxedUrlToFileSystemMapping="true" 
executionTimeout = "90000" 
requestLengthDiskThreshold = "90000" 
shutdownTimeout = "00:06:00" 
appRequestQueueLimit="90000" 
maxRequestLength="90000" 
enable = "True" />
</system.web>


<system.web>
    <customErrors mode="Off"/>
    <compilation debug="true"/>
</system.web>

</configuration>

the form

<% validateForm "addscheduleform4.asp" %> 
<form method="post" name="addUs">
 <% validateError %>        

<ALOT OF INPUTS>

<input type="submit" name="save" value="Submit" style="height:50px; width:200px">
</form>

After pressing submit, url as requested:

http://example.com/addscheduleform4.asp?102111=none&302121=1&202171=0&202122=0&102172=none&102123=none&302133=1&102231=none&302241=1&202242=0&102243=none&302253=1&102351=none&302361=1&302312=1&202362=0&202313=0&102363=none&302373=1&202541=0&102542=none&302552=1&202553=0&102721=none&302731=1&202732=0&102733=none&302743=1&202911=0&102961=none&302971=1&102912=none&302922=1&202972=0&202923=0&102973=none&203011=0&103061=none&303071=1&103012=none&303022=1&203072=0&203023=0&103073=none&203131=0&103132=none&303142=1&203143=0&203251=0&103252=none&303262=1&303213=1&203263=0&203621=0&103671=none&103622=none&303632=1&203633=0&104021=none&304031=1&204032=0&104033=none&304043=1&104141=none&304151=1&204152=0&104153=none&304163=1&202111=0&102161=none&302171=1&102112=none&302122=1&202172=0&202123=0&102173=none&202231=0&102232=none&302242=1&202243=0&202351=0&102352=none&302362=1&302313=1&202363=0&102531=none&302541=1&202542=0&102543=none&302553=1&202721=0&102771=none&102722=none&302732=1&202733=0&302911=1&202961=0&202912=0&102962=none&302972=1&102913=none&302923=1&202973=0&303011=1&203061=0&203012=0&103062=none&303072=1&103013=none&303023=1&203073=0&103121=none&303131=1&203132=0&103133=none&303143=1&103241=none&303251=1&203252=0&103253=none&303263=1&103611=none&303621=1&203671=0&203622=0&103672=none&103623=none&303633=1&204021=0&104071=none&104022=none&304032=1&204033=0&204141=0&104142=none&304152=1&204153=0&302111=1&202161=0&202112=0&102162=none&302172=1&102113=none&302123=1&202173=0&102221=none&302231=1&202232=0&102233=none&302243=1&102341=none&302351=1&202352=0&102353=none&302363=1&202531=0&102532=none&302542=1&202543=0&102711=none&302721=1&202771=0&202722=0&102772=none&102723=none&302733=1&102951=none&302961=1&302912=1&202962=0&202913=0&102963=none&302973=1&103051=none&303061=1&303012=1&203062=0&203013=0&103063=none&303073=1&203121=0&103171=none&103122=none&303132=1&203133=0&203241=0&103242=none&303252=1&203253=0&203611=0&103661=none&303671=1&103612=none&303622=1&203672=0&203623=0&103673=none&104011=none&304021=1&204071=0&204022=0&104072=none&104023=none&304033=1&104131=none&304141=1&204142=0&104143=none&304153=1&102121=none&302131=1&202132=0&102133=none&302143=1&102241=none&302251=1&202252=0&102253=none&302263=1&202311=0&102361=none&302371=1&102312=none&302322=1&202372=0&202323=0&102373=none&202551=0&102552=none&302562=1&302513=1&202563=0&102731=none&302741=1&202742=0&102743=none&302753=1&202921=0&102971=none&102922=none&302932=1&202933=0&203021=0&103071=none&103022=none&303032=1&203033=0&203141=0&103142=none&303152=1&203153=0&303211=1&203261=0&203212=0&103262=none&303272=1&103213=none&303223=1&203273=0&203631=0&103632=none&303642=1&203643=0&104031=none&304041=1&204042=0&104043=none&304053=1&104151=none&304161=1&304112=1&204162=0&204113=0&104163=none&304173=1&202121=0&102171=none&102122=none&302132=1&202133=0&202241=0&102242=none&302252=1&202253=0&302311=1&202361=0&202312=0&102362=none&302372=1&102313=none&302323=1&202373=0&102541=none&302551=1&202552=0&102553=none&302563=1&202731=0&102732=none&302742=1&202743=0&102911=none&302921=1&202971=0&202922=0&102972=none&102923=none&302933=1&103011=none&303021=1&203071=0&203022=0&103072=none&103023=none&303033=1&103131=none&303141=1&203142=0&103143=none&303153=1&103251=none&303261=1&303212=1&203262=0&203213=0&103263=none&303273=1&103621=none&303631=1&203632=0&103633=none&303643=1&204031=0&104032=none&304042=1&204043=0&204151=0&104152=none&304162=1&304113=1&204163=0&102131=none&302141=1&202142=0&102143=none&302153=1&102251=none&302261=1&302212=1&202262=0&202213=0&102263=none&302273=1&202321=0&102371=none&102322=none&302332=1&202333=0&302511=1&202561=0&202512=0&102562=none&302572=1&102513=none&302523=1&202573=0&102741=none&302751=1&202752=0&102753=none&302763=1&202931=0&102932=none&302942=1&202943=0&203031=0&103032=none&303042=1&203043=0&203151=0&103152=none&303162=1&303113=1&203163=0&103211=none&303221=1&203271=0&203222=0&103272=none&103223=none&303233=1&203641=0&103642=none&303652=1&203653=0&104041=none&304051=1&204052=0&104053=none&304063=1&204111=0&104161=none&304171=1&104112=none&304122=1&204172=0&204123=0&104173=none&202131=0&102132=none&302142=1&202143=0&202251=0&102252=none&302262=1&302213=1&202263=0&102311=none&302321=1&202371=0&202322=0&102372=none&102323=none&302333=1&102551=none&302561=1&302512=1&202562=0&202513=0&102563=none&302573=1&202741=0&102742=none&302752=1&202753=0&102921=none&302931=1&202932=0&102933=none&302943=1&103021=none&303031=1&203032=0&103033=none&303043=1&103141=none&303151=1&203152=0&103153=none&303163=1&203211=0&103261=none&303271=1&103212=none&303222=1&203272=0&203223=0&103273=none&103631=none&303641=1&203642=0&103643=none&303653=1&204041=0&104042=none&304052=1&204053=0&304111=1&204161=0&204112=0&104162=none&304172=1&104113=none&304123=1&204173=0&102141=none&302151=1&202152=0&102153=none&302163=1&202211=0&102261=none&302271=1&102212=none&302222=1&202272=0&202223=0&102273=none&202331=0&102332=none&302342=1&202343=0&102511=none&302521=1&202571=0&202522=0&102572=none&102523=none&302533=1&102751=none&302761=1&302712=1&202762=0&202713=0&102763=none&302773=1&202941=0&102942=none&302952=1&202953=0&203041=0&103042=none&303052=1&203053=0&303111=1&203161=0&203112=0&103162=none&303172=1&103113=none&303123=1&203173=0&103221=none&303231=1&203232=0&103233=none&303243=1&203651=0&103652=none&303662=1&303613=1&203663=0&104051=none&304061=1&304012=1&204062=0&204013=0&104063=none&304073=1&204121=0&104171=none&104122=none&304132=1&204133=0&202141=0&102142=none&302152=1&202153=0&302211=1&202261=0&202212=0&102262=none&302272=1&102213=none&302223=1&202273=0&102321=none&302331=1&202332=0&102333=none&302343=1&202511=0&102561=none&302571=1&102512=none&302522=1&202572=0&202523=0&102573=none&202751=0&102752=none&302762=1&302713=1&202763=0&102931=none&302941=1&202942=0&102943=none&302953=1&103031=none&303041=1&203042=0&103043=none&303053=1&103151=none&303161=1&303112=1&203162=0&203113=0&103163=none&303173=1&203221=0&103271=none&103222=none&303232=1&203233=0&103641=none&303651=1&203652=0&103653=none&303663=1&204051=0&104052=none&304062=1&304013=1&204063=0&104111=none&304121=1&204171=0&204122=0&104172=none&104123=none&304133=1&102151=none&302161=1&302112=1&202162=0&202113=0&102163=none&302173=1&202221=0&102271=none&102222=none&302232=1&202233=0&202341=0&102342=none&302352=1&202353=0&102521=none&302531=1&202532=0&102533=none&302543=1&202711=0&102761=none&302771=1&102712=none&302722=1&202772=0&202723=0&102773=none&202951=0&102952=none&302962=1&302913=1&202963=0&203051=0&103052=none&303062=1&303013=1&203063=0&103111=none&303121=1&203171=0&203122=0&103172=none&103123=none&303133=1&103231=none&303241=1&203242=0&103243=none&303253=1&303611=1&203661=0&203612=0&103662=none&303672=1&103613=none&303623=1&203673=0&204011=0&104061=none&304071=1&104012=none&304022=1&204072=0&204023=0&104073=none&204131=0&104132=none&304142=1&204143=0&202151=0&102152=none&302162=1&302113=1&202163=0&102211=none&302221=1&202271=0&202222=0&102272=none&102223=none&302233=1&102331=none&302341=1&202342=0&102343=none&302353=1&202521=0&102571=none&102522=none&302532=1&202533=0&302711=1&202761=0&202712=0&102762=none&302772=1&102713=none&302723=1&202773=0&102941=none&302951=1&202952=0&102953=none&302963=1&103041=none&303051=1&203052=0&103053=none&303063=1&203111=0&103161=none&303171=1&103112=none&303122=1&203172=0&203123=0&103173=none&203231=0&103232=none&303242=1&203243=0&103651=none&303661=1&303612=1&203662=0&203613=0&103663=none&303673=1&304011=1&204061=0&204012=0&104062=none&304072=1&104013=none&304023=1&204073=0&104121=none&304131=1&204132=0&104133=none&304143=1&area=1&schedid=193&save=Submit&

Some browsers limit the query string length, there's no way around that. Regardless, you shouldn't be using query string to pass around that volume of data. What are you doing that you need to pass that much? — mason, Feb 17 '15 at 16:58
its a scheduling program and everytime a location is added to the form more fields are presented. the more locations added, the more fields. 12 locations hits 7672 character query string. 11 locations is 7042. so right now after adding a 12th location the form does not submit and you get "the connection..." — ant t, Feb 17 '15 at 17:07
Why not pass this information in the body of a request, rather than the query string? Do a [POST instead of a GET](http://www.w3schools.com/tags/ref_httpmethods.asp)? — mason, Feb 17 '15 at 17:08
how would you do that? currently the form is a POST i believe — ant t, Feb 17 '15 at 17:11
If your form is truly POST, then the values aren't being passed in the query string, and you're barking up the wrong tree. Use your browser's network tools to see what format the data is being sent in. Get the URL and body, and edit that into your question as well. — mason, Feb 17 '15 at 17:14
Yes, because I highly doubt your form data is in the URL if you're using POST. — mason, Feb 17 '15 at 17:19
url after pressing submit is posted. this is a 7672 character query, causing the error — ant t, Feb 17 '15 at 17:21
no that is all that is on the page. this one form. i can post the entire page but it is extremely long — ant t, Feb 17 '15 at 17:26
IIS can also limit the querystring size: http://www.iis.net/configreference/system.webserver/security/requestfiltering/requestlimits It's possible that the server is overriding your web.config if feature delegation isn't enabled. — ps2goat, Feb 17 '15 at 17:26
is there a way to check what the settings are other than in the web.config ? can a make a page that will display all the settings like you can in php — ant t, Feb 17 '15 at 17:28
Also note that after you fix this, it's possible that you may run into another error. there's also a default of 2000 (that I experienced) request variables that can be passed into asp.net by default. there's a setting to increase that, but it shouldn't give you a timeout error. However, you would get this error next if you have more than 2000 fields posting back. This post references a default of 500 or 1000 fields: http://stackoverflow.com/questions/8684049/asp-net-ms11-100-how-can-i-change-the-limit-on-the-maximum-number-of-posted-for — ps2goat, Feb 17 '15 at 17:28
You seem to be using the `.asp` extension, which makes me think this is Classic ASP. I'm not really familiar with that, but I don't think (not positive) that it even has a web.config file. — mason, Feb 17 '15 at 17:30
@ps2goat not really sure what that is. im not getting a server timeout, im getting a connection reset. — ant t, Feb 17 '15 at 17:32
@mason it is classic, but i believe the web.config is ok. is there a way i can view the current settings by making a page? i know with my php pages i just throw phpinfo(); ?> into a file and it lists all web settings — ant t, Feb 17 '15 at 17:34
Not built in. You can view the settings in `web.config` or view them in your server's GUI. — mason, Feb 17 '15 at 17:35
well i know i can see them in the web.config, but i want to see on the page itself whats being read, and if it is even pulling the information from the web.config or not — ant t, Feb 17 '15 at 17:38
@mason do you know anything about this: http://stackoverflow.com/questions/7255685/reading-web-config-values-in-classic-asp — ant t, Feb 17 '15 at 17:38
That's not what you're trying to do. If you want to know what's in `web.config`, just look at `web.config`. If you want to know what the IIS settings are, look at IIS. — mason, Feb 17 '15 at 17:42
@antt, the link I posted says the server should return a status of `404.15`. — ps2goat, Feb 17 '15 at 17:44
@mason i can see what the default iis settings are. i can see what the web.config is, i made it. i want to see a way to see on an actual page, what the settings are being read as. in other words, is it taking the default iis settings, or is it reading my web.config file. because like you said if its not reading the web.config file, then thats the issue. if it is, then there is a different issue. and what was your judgement on the POST, and why i have the query in the first place, and maybe a different work around to do it. — ant t, Feb 17 '15 at 17:45
@ps2goat yea it doesnt return anything more than "The connection was reset. The connection to the server was reset while the page was loading." when i hit over 7500 characters in length — ant t, Feb 17 '15 at 17:46
If you read my very first comment, I point out that you shouldn't be using query string for this in the first place. And in fact, query string wouldn't be used if your page is properly doing a POST action. The values that the framework uses are an combination of the settings in IIS, in web.config, and any other configuration system you choose to use. So I believe you're barking up the wrong tree, you need to take a step back and figure out how to get those form values into the body of the POST request rather than the URL. — mason, Feb 17 '15 at 17:48
@mason i tried poking around and seems everything is set to "post" but the forms are still pushing the queries on submit. is there something i'm missing — ant t, Feb 17 '15 at 18:16
Your `
` element doesn't specify an action. There's your problem. It should specify a location to post your values to. That's just [basic forms](http://www.w3schools.com/html/html_forms.asp). — mason, Feb 17 '15 at 18:54

score 0 · Answer 1 · answered Feb 17 '15 at 19:47

ok so basically this was in general a complete wrong way of setting up the form, causing it to create a query string with characters in the thousands.

<form method="post" name="addUs" action="addscheduleform4.asp">


<ALOT OF INPUTS>

<input type="submit" name="Submit" value="Submit" style="height:50px; width:200px">
</form>

That is this correct way to set up that form to properly POST. if the post is not fully filled out properly, the form defaults to "GET".

the page it goes to was reading inputs as:

 pp73  = getUserInput(request.querystring("30"&pidlocation&"73"),100)

when it should be

pp73  = getUserInput(request.form("30"&pidlocation&"73"),100)

So because of the improper form setup, request.form was not working causing me to change it to request.querystring, but now with a complete POST form method, it is now switched back to request.form, and pass data without querystrings, solving the long query issue

Web.config file settings for long querystring

1 Answers1