Shooting yourself in the foot - IIS 6.0 OWA HTTP/1.1 400 Bad Request (Header Field Too Long)

by Vignesh 6/25/2008 10:21:13 AM

If you are a IIS web server administrator who is responsible for fine tuning the performance of the web server, the chances of you having to make registry changes or Metabase changes are very high. Most of these changes are usually recommendations by msdn or knowledge base articles at http://support.microsoft.com . When these articles are not followed "as is"  or incorrectly followed, this can have fatal consequences for applications running on IIS.

I recently worked on an issue where browsing to Outlook Web Access OWA hosted on IIS 6.0 would give the following error.

                                           HTTP/1.1 400 Bad Request (Header Field Too Long)

After a few hours of intensive troubleshooting, we nailed this down to an incorrectly set registry key "MaxRequestBytes" which was set to "0". It’s possible that someone may been following http://technet.microsoft.com/en-us/library/aa998541(EXCHG.80).aspx while using the Exchange Server Analyzer Tool and incorrectly modified MaxRequestBytes to “0”. 

Note: The MaxRequestBytes registry value, which is not present by default, determines the upper limit for the total size of the Request line and the headers. This value is typically set in tandem with a companion value, MaxFieldLength. The MaxFieldLength IIS registry parameter specifies the maximum size of any individual HTTP client request.

In larger environments, these values need to be adapted or Microsoft Office Outlook® Web Access for Exchange Server users can experience logon failures. Setting the values to 32768 has proven to be a sufficiently big setting for most customers. If these values are incorrectly set they can cause HTTP 400 - Bad Request errors. Please refer to http://support.microsoft.com/?id=820129 for background information on these settings.

Registry key

Default value

Valid value range

Registry key function

MaxFieldLength 16384 64 - 65534 (64k - 2) bytes Sets an upper limit for each header. See MaxRequestBytes. This limit translates to approximately 32k characters for a URL.
MaxRequestBytes 16384 256 - 16777216 (16MB) bytes

Determines the upper limit for the total size of the Request line and the headers.
Its default setting is 16KB. If this value is lower than MaxFieldLength, the MaxFieldLength value is adjusted.

So what will happen if you set MaxRequestBytes to "0" ???

if (MaxRequestBytes < MaxFieldLength)
    {
        MaxFieldLength = MaxRequestBytes;
    }

MaxFieldLength will also be "0" and HTTP.SYS driver will reject all HTTP requests with the 400 Bad Request (Header Field Too Long) error.Incorrectly following  documentation can have a major business impact and can be very hard to troubleshoot or reverse the changes. If the documentation itself is inaccurate, that's another story altogether. Good luck!

HTH,
Vignesh



Currently rated 5.0 by 2 people

  • Currently 5/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Tags:

Add comment


(Will show your Gravatar icon)  

  Country flag

biuquote
  • Comment
  • Preview
Loading



Calendar

<<  January 2009  >>
MoTuWeThFrSaSu
2930311234
567891011
12131415161718
19202122232425
2627282930311
2345678

View posts in large calendar

Recent comments

Disclaimer

The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway. We try our best to write good code, but none of the code here is tested on Production boxes. Feel free to use the code, BUT test it before you do so (in simple words... use it at your own risk)

© Copyright 2009

Sign in