What's New in Windows Server 2008 and Windows Vista
Starting in Windows Server 2008 and Windows Vista, the WinHTTP API has been enhanced to include the following features.
Greater Than 4-GB Upload.
WinHttpSendRequest can send only 4 GB of data because of limitations in the size of the DWORD total length parameter. To enable applications to send more than 4 GB of data, the Content-Length header is added to the request specifying data as large as a LARGE_INTEGER (2^64 bytes). For more information, see WinHttpSendRequest. This feature is not supported on the IWinHttpRequest COM object.
Transfer-Encoding Header
The Transfer-Encoding header enables applications to send chunked data to the server. When the Transfer-Encoding header is present on the request, the application sends the request with a zero length entity body in the call to WinHttpSendRequest. The entity body is sent in subsequent calls to WinHttpWriteData. This feature is not supported on the IWinHttpRequest COM object.
SSL Client Certificate Issuer List Retrieval
The application can retrieve the SSL client certificate Issuer List when WinHttpSendRequest fails with an ERROR_WINHTTP_CLIENT_AUTH_CERT_NEEDED. A new option, WINHTTP_OPTION_CLIENT_CERT_ISSUER_LIST, allows applications to retrieve the certificate Issuer List and filter the list for the optimal certificate. For more information, see the Option flags and Issuer List Retrieval for SSL Client Authentication topics. This feature is not supported on the IWinHttpRequest COM object.
Optional Client Certificates
When WinHttpSendRequest fails with an ERROR_WINHTTP_CLIENT_AUTH_CERT_NEEDED, the server may not require the SSL client certificate. The server may be able to revert to another form of authentication, or allow the client to proceed with anonymous access. The application sets the WINHTTP_OPTION_CLIENT_CERT_CONTEXT option and specifies a macro that WinHttp uses to determine if the client certificate is required. For more information, see Option flags. This feature is not supported on the IWinHttpRequest COM object.
Source and Destination IP Addresses
When WinHttpReceiveResponse completes, the application can retrieve the source and destination IP address and port of the request that generated the response. A new structure is provided to receive the source and destination addresses when the WINHTTP_OPTION_CONNECTION_INFO option is set. For more information, see Option flags. This feature is not supported on the IWinHttpRequest COM object.
Additional SSL Client Authentication Errors
Additional SSL client authentication errors provide more information about the SSL Client certificate. ERROR_WINHTTP_CLIENT_CERT_NO_PRIVATE_KEY and ERROR_WINHTTP_CERT_NO_ACCESS_PRIVATE_KEY client certificate errors are new for Windows Server 2008 and Windows Vista. The IWinHttpRequest COM object returns these errors in an HRESULT.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for