Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to use MaxRequestBodySize in ASP.NET Core on IIS with maxAllowedContentLength?

Tags:

iis

asp.net-core

I have an ASP.NET Core web API running on IIS. In an operation, I set IHttpMaxRequestBodySizeFeature.MaxRequestBodySize to 262144000. I have used the IIS Configuration Editor to

  • modify ApplicationHost.config for my site by setting system.webServer/security/requestFiltering/requestLimits/maxAllowedContentLength to 4294967295 enter image description here
  • modify ApplicationHost.config for my site by setting system.webServer/serverRuntime/maxRequestEntityAllowed to 4294967295 enter image description here
  • modify Root Web.config for my site by setting system.web/httpRuntime/maxRequestLength to 2147483647 enter image description here

Those are the values I also see when I choose Web.config in the IIS Configuration Editor.

The site is behind another IIS site acting as a reverse proxy. I have made the same changes there.

I am able to upload files larger than the default ~30MB limit, but I consistently get the following warning whenever I set IHttpMaxRequestBodySizeFeature.MaxRequestBodySize to a large value:

Increasing the MaxRequestBodySize conflicts with the max value for IIS limit maxAllowedContentLength. HTTP requests that have a content-length greater than maxAllowedContentLength will still be rejected by IIS. You can disable the limit by either removing or setting the maxAllowedContentLength value to a higher limit.

I have even looked at the ASP.NET source code to verify that the warning only prints if you're trying to set the limit higher than the IIS settings ([1], [2]).

What am I doing wrong?

If it's relevant, I am publishing to IIS using Azure Pipelines. My repo does not contain a web.config, but for good measure I tried with the following web.config without luck:

<configuration>
  <system.web>
    <httpRuntime maxRequestLength="2147483647" />
  </system.web>
  <system.webServer>
    <security>
      <requestFiltering>
        <requestLimits maxAllowedContentLength="4294967295" />
      </requestFiltering>
    </security>
  </system.webServer>
</configuration>
like image 917
cmeeren Avatar asked Jul 30 '20 12:07

cmeeren

People also ask

What is maxAllowedContentLength in web config?

The maxRequestLength indicates the maximum file upload size supported by ASP.NET, the maxAllowedContentLength specifies the maximum length of content in a request supported by IIS.

Can ASP NET core run on IIS?

NET Core Library, and the ASP.NET Core Module. The module allows ASP.NET Core apps to run behind IIS. If the Hosting Bundle is installed before IIS, the bundle installation must be repaired. Run the Hosting Bundle installer again after installing IIS.

1 Answers

Turns out there are several bugs in ASP.NET Core when setting the limits to values above Int32.MaxValue. Furthermore, the limit must be set in two places. See this issue and linked issues. In summary:

  • Set the web.config value system.webServer.security.requestFiltering.maxAllowedContentLength to Int32.MaxValue
  • In the app startup, set IISServerOptions.MaxRequestBodySize to Int32.MaxValue

That removes the warning (and of course limits requests to ~2GB).

like image 105
cmeeren Avatar answered Nov 15 '22 10:11

cmeeren
Sign in to Comment

Related questions

Can ASP.NET.Core be used without the DI Container
Entity Framework core seed large data from file
ASP.NET Core OData entity with private setters on properties
UPDATE [2] - ASP.NET Core Web API upload and download file - Stream exception
Deploying an Angular SPA under a subfolder
SignalR in ASP.Net Core 401 Unauthorized
Razor Pages - Model validation fails due to multiple objects sharing parameters
How to configure multiple exception handlers
AspNetCore.WsFederation get signin-wsfed redirect to HTTP when original request is HTTPS
.Net Core Nuget Package - Copy files to package consumer wwwroot
ASP.NET Core with React - 431 Request headers too long
Mysterious 401 challenge when using AJAX
SignalR Core, not getting response from server when client is connected
Multi-endpoint Kestrel configuration with different TLS certificates serves the wrong certificate
System.MethodAccessException: 'Attempt by method 'Microsoft.Extensions.Logging.Configuration issue
Detect static file request from .NET core middleware
ASP.NET Core 3.1 - How to persist JWT Tokens once Authenticated
AWS Cognito AccessToken vs IdToken
"Blocked loading mixed active content" in Blazor WebAssembly app which uses IdentityServer4

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!