What are the differences bewteen maxJsonLength and MaxJsonDeserializerMembers?

Question

We can set the max json length in the web.config in two ways:

1: in bytes

<configuration>
  <system.web.extensions>
    <scripting>
      <webServices>
        <jsonSerialization maxJsonLength="500000">
        </jsonSerialization>
      </webServices>
    </scripting>
  </system.web.extensions>
</configuration>

2: in the app settings. The max entries in the json object (this case 150,000)

<add key="aspnet:MaxJsonDeserializerMembers" value="150000" />

I am wondering, when to use which one? Do I always need both? Are those two working with each other some way?

Answer 1

By definition here are the two settings in question.

1. JavaScriptSerializer.MaxJsonLength

   Gets or sets the maximum length of JSON strings that are accepted by the JavaScriptSerializer class.

2. aspnet:MaxJsonDeserializerMembers

   Specifies the limit of the maximum number of items that can be present in any dictionary deserialized by the JavaScriptSerializer type.

That said, take a look at this answer

The value of the MaxJsonLength property applies only to the internal JavaScriptSerializer instance that is used by the asynchronous communication layer to invoke Web services methods. (MSDN: ScriptingJsonSerializationSection.MaxJsonLength Property)

And the answerer's interpretation

Basically, the "internal" JavaScriptSerializer respects the value of maxJsonLength when called from a web method; direct use of a JavaScriptSerializer (or use via an MVC action-method/Controller) does not respect the maxJsonLength property, at least not from the systemWebExtensions.scripting.webServices.jsonSerialization section of web.config.