I am working on an ASP.NET Core application which consumes a GraphQL
endpoint via RestSharp
to retrieve the data. This is an intranet type application, deployed on a Windows 2016 IIS Server and we are utilizing Windows Authentication. The problem we are encountering is that a certain user, who belongs to a large number of active directory groups is getting intermittent 431 Request headers too long errors.
I have attempted the following:
I am setting the IISDefaults
in the startup.cs
for both the application and service:
services.AddAuthentication(IISDefaults.AuthenticationScheme);
I am passing UseDefaultCredentials in the RestRequest
var client = new RestClient(endpoint);
var request = new RestRequest(Method.POST);
request.UseDefaultCredentials = true;
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", data, ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
return response.Content;
Set the registry entries for MaxFieldLength
and MaxRequestBytes
to the max allowed.
Log from stdout:
info: Microsoft.AspNetCore.Server.Kestrel[17] Connection id "0HLIABLA41UKH" bad request data: "Request headers too long." Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException: Request headers too long. at Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException.Throw(RequestRejectionReason reason) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1Connection.TakeMessageHeaders(ReadOnlySequence
1 buffer, SequencePosition& consumed, SequencePosition& examined) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1Connection.ParseRequest(ReadOnlySequence
1 buffer, SequencePosition& consumed, SequencePosition& examined) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1Connection.TryParseRequest(ReadResult result, Boolean& endConnection) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication1 application) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequestsAsync[TContext](IHttpApplication
1 application) info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
This was resolved by setting the MaxRequestHeadersTotalSize Kestrel option. This defaults to 32768.
public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
WebHost.CreateDefaultBuilder(args)
.UseStartup<Startup>()
.UseKestrel(options =>
{
options.Limits.MaxRequestHeadersTotalSize = 1048576;
});
Jonas is on the right track and helped solved the similar situation that I was having with an ASP.NET Core web application. However, after reviewing the Microsoft docs on the Kestrel server, I found that Jonas' method needs to be modified slightly if using ASP.NET Core 2.2 (thanks to @cristi71000's comment). Most of the credit should still go to @Jonas Wik for pointing us all in the right direction.
He suggests chaining the UseKestrel()
helper method when creating and configuring a web host builder. However, according to the Microsoft docs for ASP.NET Core 2.2, CreateDefaultBuilder()
is already calling UseKestrel()
behind the scenes. When additional configuration is needed, the helper method ConfigureKestrel()
should be used to further configure Kestrel. Updating Jonas' answer for ASP.NET Core 2.2 would look like this:
public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
WebHost.CreateDefaultBuilder(args)
.UseStartup<Startup>()
.ConfigureKestrel((context, options) =>
{
options.Limits.MaxRequestHeadersTotalSize = 1048576;
});
Full disclosure: I have done both and do not notice a difference or any adverse side-effects. However, it's best to stay in line with their documented practices to ensure nothing goes off the rails in future development!
How to Use Kestrel in ASP.NET Core Apps (ASP.NET Core v2.1)
How to Use Kestrel in ASP.NET Core Apps (ASP.NET Core v2.2)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With