Export (0) Print
Expand All

Limiting the Size of a Request 

To limit the size of a request for all requests through a particular ISAPI extension DLL

  • Override CIsapiExtension::HttpExtensionProc in your ISAPI extension DLL and compare your maximum request size with the value returned by EXTENSION_CONTROL_BLOCK::cbTotalBytes. Reject any requests that exceed the maximum size.

To limit the size of a request for a particular request handler

  1. Override CRequestHandlerT::CheckValidRequest and compare your maximum request size with the value returned by IHttpServerContext::GetTotalBytes. Reject any requests that exceed the maximum size.

    –or–

  2. Override CRequestHandlerT::ValidateAndExchange and compare your maximum request size with the value returned by CHttpRequest::GetTotalBytes. Reject any requests that exceed the maximum size.

    For more information on the differences between these two methods, see Initializing Request Handlers.

To delay form processing for a particular request handler based on the size of the request

  • Override CRequestHandlerT::MaxFormSize and return the maximum number of bytes in the body of a request that should be parsed. If a request exceeds this size, default form processing is not carried out (that is, the files and form variables collections of the request object, m_HttpRequest, will not be populated). Note that taking this action does not cause the request to be rejected; it simply delays or prevents expensive processing on large requests.

To reject a request because it is too large

  • Return HTTP_REQUEST_ENTITY_TOO_LONG to use the default response or build your own response and return an appropriate status code.

    NoteNote

    The information in this topic applies to limiting the number of bytes in the body of the request. IIS limits the number of bytes in the header of a request automatically.

See Also

Community Additions

ADD
Show:
© 2014 Microsoft