5

I'm trying to setup an availability test for one of my web app using URL ping test. The problem is it keeps failing with error below. The site is publicly available and when I just use the IP it get resolved and directed to the correct url but with same error (in the test).

Tried changing the url to google/microsoft, availability test pass (of course).

Is this a network layer issue or something else?

System.Net.WebException: The server committed a protocol violation. Section=ResponseHeader Detail=CR must be followed by LF
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at Microsoft.VisualStudio.TestTools.WebStress.WebTestTransaction.ResponseReceived(IAsyncResult result)


------------------------

System.Exception: Failure

**** NOTE: This is not a real web request ****

1 primary requests, 0 dependant requests and 0 conditional rules failed
CKelly
  • 71
  • 5
  • I think your app responds in non-standard way. Browsers most likely ignore this error. You can download and open full test result from application insights - there you can explorer raw requests/responses and check which header doesn't follow the standard. – ZakiMa May 30 '19 at 06:24
  • Here is an example of not following the standard which throws exception in c#: https://stackoverflow.com/questions/30228408/c-sharp-cr-must-be-followed-by-lf – ZakiMa May 30 '19 at 06:25

2 Answers2

1

Forgot to mention that we have Incapsula on. And I am pretty sure Incapsula is causing the problem.

The cookies that Incapsula sends are broken to prevent bots attacks and it seems that Application Insights Availability test is not "smart" enough to process the response.

CKelly
  • 71
  • 5
  • I think this is not an answer - you should edit your question and provide this information there. And remove this answer. – ZakiMa Jun 03 '19 at 06:15
  • Not sure what it means by "broken cookies" - maybe the way Incapsula does it is not up to standard. And it is flagged by Availability Test. – ZakiMa Jun 03 '19 at 06:16
  • The cookies that Incapsula sends are "broken" on purpose, and they include content whose purpose is to test how the client responds to an irregular cookie. Web browser is capable of handling such cookies but most bot's can't. There are settings in Incapsula to add "safe" bot list. Need to get the details from Microsoft. – CKelly Jun 03 '19 at 23:08
  • Found the list here https://learn.microsoft.com/en-us/azure/azure-monitor/app/ip-addresses – CKelly Jun 03 '19 at 23:09
  • Application Insights > Availability Test is now working after disabling 'Cookie Classification' test in Impreva/Incapsula. – CKelly Jul 01 '19 at 00:13
1

I would not recommend disabling entire security features. You can add exception for specific IP address in the Incapsula Bot Access Control Tool:

https://support.incapsula.com/hc/en-us/articles/200627690-Bot-Access-Control-Tool

Here is the list of source IP ranges for Application Insights availability tests:

https://learn.microsoft.com/en-us/azure/azure-monitor/app/ip-addresses#availability-tests

user202472
  • 166
  • 1
  • 6