HttpServerUtility.Execute Method (IHttpHandler, TextWriter, Boolean)

Note: This method is new in the .NET Framework version 2.0.

Executes the handler for the specified virtual path in the context of the current request. A TextWriter captures output from the executed handler and a Boolean parameter specifies whether to clear the QueryString and Form collections.

Namespace: System.Web
Assembly: System.Web (in system.web.dll)

public void Execute (
	IHttpHandler handler,
	TextWriter writer,
	bool preserveForm
public void Execute (
	IHttpHandler handler, 
	TextWriter writer, 
	boolean preserveForm
public function Execute (
	handler : IHttpHandler, 
	writer : TextWriter, 
	preserveForm : boolean



The HTTP handler that implements the IHttpHandler to transfer the current request to.


The TextWriter to capture the output.


true to preserve the QueryString and Form collections; false to clear the QueryString and Form collections.

Exception typeCondition


An error occurred executing the handler specified by handler.


handler is a null reference (Nothing in Visual Basic).

You can write custom HTTP handlers to process specific, predefined types of HTTP requests in any language that is compliant with the Common Language Specification (CLS). Executable code that is defined in the HTTP handler classes, rather than in conventional ASP or ASP.NET Web pages, responds to these specific requests. HTTP handlers give you a means of interacting with the low-level request and response services of a Web server running the Internet Information Services (IIS) and provide functionality much like ISAPI extensions but with a simpler programming model.

ASP.NET does not verify that the current user is authorized to view the resource that is delivered by the Execute method. Although the ASP.NET authorization and authentication logic runs before the original resource handler is called, ASP.NET directly calls the handler that is indicated by the Execute method and does not rerun authentication and authorization logic for the new resource. If the security policy for your application requires clients to have proper authorization to gain access to the resource, the application should force reauthorization or provide a custom access-control mechanism.

You can force reauthorization by using the Redirect method instead of the Execute method. The Redirect performs a client-side redirect in which the browser requests the new resource. Because this redirect is a new request entering the system, it is subjected to all the authentication and authorization logic of both the IIS and ASP.NET security policy.

You can verify that the user has permission to view the resource by incorporating a custom authorization method that uses the IsInRole method before the application calls the Execute method.

Windows 98, Windows 2000 SP4, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.

.NET Framework

Supported in: 2.0

Community Additions