How to Configure the Web.Config to Allow Requests of Any Length

How to configure the web.config to allow requests of any length

Add the following to your web.config:

<system.webServer>
  <security>
    <requestFiltering>
      <requestLimits maxQueryString="32768"/>
    </requestFiltering>
  </security>
</system.webServer>

See:

http://www.iis.net/ConfigReference/system.webServer/security/requestFiltering/requestLimits

Updated to reflect comments.

requestLimits Element for requestFiltering [IIS Settings Schema]

You may have to add the following in your web.config as well

<system.web>
    <httpRuntime maxQueryStringLength="32768" maxUrlLength="65536"/>
</system.web>

See: httpRuntime Element (ASP.NET Settings Schema)

Of course the numbers (32768 and 65536) in the config settings above are just examples. You don't have to use those exact values.

Where do I set the maximum query string length?

first, make sure you enabled the anonymous authentication in iis:

set below code in web.config file:

<system.web>

   <httpRuntime maxUrlLength="10999" maxQueryStringLength="2097151" />
                                ……
</system.web>

<system.webServer>
    <security>
    <requestFiltering>
      <requestLimits maxUrl="10999" maxQueryString="2097151" />
    </requestFiltering>
  </security>
</system.webServer>

Note: set value a little bit higher than your requirement. above mentioned is just an example.
set this value in the root folder config file. and restart iis after doing changes.

Change maximum request length in asp.net mvc without modifying web.config

I don't think that's possible, as the web config stores the configuration values that your application uses to define how it behaves - in this case, the length of the data you require to be passed on.

You would need to modify the web.config as follows:

<configuration>
    <system.web>
        <httpRuntime maxRequestLength="1048576" />
    </system.web>
</configuration>

And if you are on IIS7 above, the following needs to be configured as well:

<system.webServer>
   <security>
      <requestFiltering>
         <requestLimits maxAllowedContentLength="1073741824" />
      </requestFiltering>
   </security>
 </system.webServer>

Additional Note: maxAllowedContentLength is measured in bytes while maxRequestLength is measured in kilobytes

Some options you have are:

1. Powershell script that would read your web.config files on the different servers and update the configuration values accordingly.

2. Uploading the web config directly via FTP or publish.

3. Modifying the web config directlyon the server instance.

Allow requests of any length per Service

Adding a location element and setting the settings there seemed to do the trick

<location path="MyService.asmx">
<system.webServer>
  <security>
    <requestFiltering >
      <requestLimits  maxAllowedContentLength="102400000"/>
    </requestFiltering>
  </security>
</system.webServer>

If there is another/better solution feel free to post it

How to use MaxRequestBodySize in ASP.NET Core on IIS with maxAllowedContentLength?

Turns out there are several bugs in ASP.NET Core when setting the limits to values above Int32.MaxValue. Furthermore, the limit must be set in two places. See this issue and linked issues. In summary:

• Set the web.config value system.webServer.security.requestFiltering.maxAllowedContentLength to Int32.MaxValue
• In the app startup, set IISServerOptions.MaxRequestBodySize to Int32.MaxValue

That removes the warning (and of course limits requests to ~2GB).

Limit URL Parameter Length in Web.Config

See the following link:

http://learn.iis.net/page.aspx/143/use-request-filtering/

Here is an example of the IIS 7 config:

<configuration>
    <system.webServer>
        <security>
            <requestFiltering>
                <requestLimits
                    maxAllowedContentLength="30000000"
                    maxUrl="260"
                    maxQueryString="25"/>
            </requestFiltering>
        </security>
    </system.webServer>

---

Related Topics