1

I'm sending an array containing a very long string from a JavaScript app (using the fetch API) to a .NET Core Web API, like this:

"FirstName LastName (Country)
 TEXT
    INFORMATION:  ^MOM?ROVAL LETTER REQUIRED.
    INFORMATION: MORE TEXT HERE
    .... around 20 more lines
"

The text could contain a range of characters, including line breaks, etc. (I think some of the characters are encoded CR and LF characters). It causes a 400 Bad Request when I send it to a .NET Core Web API. If I change the text to something like "test" then it works.

Is there an easy way I can format the text so that the Web API will accept it?

Jeremy Caney
  • 7,102
  • 69
  • 48
  • 77
Chris Halcrow
  • 28,994
  • 18
  • 176
  • 206
  • 1
    How are you sending it? Body? Query? – ESG Apr 09 '20 at 02:02
  • I’ve posted the _most likely_ explanation below. If that doesn’t solve your problem, however, we’ll probably need to see your ASP.NET Core action, your JavaScript for submitting these data, and potentially the configuration of any middleware in your `Startup` class. Given your reputation in the relevant technologies here on Stack Overflow, I’m inclined to believe you’ve already accounted for the obvious explanation, and it’s instead a more complex issue with e.g., JSON deserialization. But given the information you’ve provided, the request length would still be my first line of inquiry. – Jeremy Caney Apr 09 '20 at 22:05
  • Also, it’d be useful to know what version of ASP.NET Core your application is written in, in case anyone wants to take a stab at reproducing this. I’m not aware of any version specific issues that would impact this, but it’s a potential variable. – Jeremy Caney Apr 09 '20 at 22:08

1 Answers1

1

If you’re getting a 400 Bad Request with ≈25 lines of relatively short strings then the most likely explanation is that your JavaScript is submitting these data via a GET request, thus hitting the limits for the query string length.

While the HTTP standard doesn’t actually specify a limit to the length of a request, most servers have default limits for different methods.

For Internet Information Server (IIS), for example, this is:

  • URL: 4,096 bytes (4KB)
  • Query String (GET): 2,048 bytes (2KB)
  • Content (POST): 30,000,000 bytes (≈28.6MB)

If you happen to be hosting your ASP.NET Core application on IIS, and you have the Request Filtering feature installed (instructions), these limits can be modified in the web.config file (reference):

<configuration>
   <system.webServer>
      <security>
         <requestFiltering>
            <requestLimits maxUrl="2048" maxQueryString="1024" />
         </requestFiltering>
      </security>
   </system.webServer>
</configuration>

Note: You may also need to change this value in the registry.

That all said, the preferrable solution is to change how you’re submitting these data. As you can see, you can POST nearly 30MB of data without changing the default configuration, which I imagine will be more than enough for your needs.

Obviously, this requires changing both your JavaScript (to use HTTP’s POST method) and potentially your ASP.NET Core application (to ensure it will accept a [HttpPost] request).

Note: The exact limits will vary by web server software. But they’re generally within this ballpark.

Jeremy Caney
  • 7,102
  • 69
  • 48
  • 77
  • Hey Chris, do you recall if this addressed your issue last year? If so, would you mind marking it as the accepted answer? If not, do you recall what the the problem ended up being? E.g., was it in fact related to the formatting? – Jeremy Caney Jul 23 '21 at 18:35