Export (0) Print
Expand All

HttpWebRequestElement.UseUnsafeHeaderParsing Property

Setting this property ignores validation errors that occur during HTTP parsing.

Namespace:  System.Net.Configuration
Assembly:  System (in System.dll)

[ConfigurationPropertyAttribute("useUnsafeHeaderParsing", DefaultValue = false)]
public bool UseUnsafeHeaderParsing { get; set; }

Property Value

Type: System.Boolean
Boolean that indicates whether this property has been set.

When this property is set to false, the following validations are performed during HTTP parsing:

  • In end-of-line code, use CRLF; using CR or LF alone is not allowed.

  • Headers names should not have spaces in them.

  • If multiple status lines exist, all additional status lines are treated as malformed header name/value pairs.

  • The status line must have a status description, in addition to a status code.

  • Header names cannot have non-ASCII chars in them. This validation is performed whether this property is set to true or false.

When a protocol violation occurs, a WebException exception is thrown with the status set to ServerProtocolViolation. If the UseUnsafeHeaderParsing property is set to true, validation errors are ignored.

Setting this property to true has security implications, so it should only be done if backward compatibility with a server is required.

.NET Framework

Supported in: 4.5.2, 4.5.1, 4.5, 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

© 2014 Microsoft