5

After reading through the following questions:

Testing a request that fails IIS request filtering (In particular query string length) and looking to do the following:

  • Prevent IIS from hijacking any errors
  • A hook in Web API / ASP.Net to handle these errors

The IIS httpErrors section in the web.config is set-up as follows:

 <system.webServer>
    <modules runAllManagedModulesForAllRequests="true" />
    <httpErrors existingResponse="PassThrough" />
 </system.webServer>

When faced with a request that is too long, the response I get back from Web API is as follows:

HTTP/1.1 404 Not Found
Date: Thu, 09 Apr 2015 10:58:34 GMT
Server: Microsoft-IIS/7.5
Content-Length: 0

If I remove the httpErrors config section, we are back to the IIS error message (404.15). To try and combat problems with routes not being hit, I tried defining a catch all route that would handle any unknown URLs:

config.Routes.MapHttpRoute(
    name: "CatchAll",
    routeTemplate: "{*url}",
    defaults: new { controller = "Error", action = "NotFound"});

Unfortunately this controller action is never hit. After this point I figured I would try the Web API tracing module to see if any Web API pipeline was being hit, not nothing shows up in the Debug window.

The only place I can see the request hit the application is in Global.asax as follows:

protected void Application_PreSendRequestHeaders()
{
    Response.Headers.Remove("Server");
}

If I now re-run the request, the header is correctly removed and looking through the Request property in Application, everything seems to be correctly set, even the query string is correctly preserved.

Is there something I am missing? I already have a Global Exception Handler that is used elsewhere, and Delegating Handler which is wrapping all responses but unfortunately neither these are hit.

Is there a way to catch these requests and put them through the Web API or would it be better to disable request filtering?

Community
  • 1
  • 1
Hux
  • 3,102
  • 1
  • 26
  • 33
  • Did you find a solution to this issue? I am having the same problem where I am trying to redirect to a method on an error controller. Nothing is being hit when I make the request. – ObiEff Jul 02 '18 at 14:25
  • @ObiEff I don't think I did. Think I may have handled it at the load balancer level or similar – Hux Jul 05 '18 at 12:40

0 Answers0