In our ASP.NET application, we're having a problem with file uploads. In our web.config, under system.webServer/security/requestFiltering/requestLimits, we set maxAllowedContentLength to 16777216 (16 MB), and under system.web/httpRuntime, maxRequestLength is set to 16384 (also 16 MB). IIS seems to do the request filtering just fine unless a really huge file is uploaded. For example, when I upload a 2.27 GB file, IIS doesn't reject it immediately. Instead, it allows the browser to upload the entire file before finally erroring out (with an odd 400 Bad Request "ASP.NET detected invalid characters in the URL." error).
This looks to me to be a bug with IIS 7.5. We've tried to work around it by creating an HttpModule that can inspect the size of the upload before the upload actually takes place, but it seems like the upload is always taking place before the BeginRequest event is triggered. Is there any way for us to look into the IIS pipeline at an earlier point than what HttpModule gives us so we can bypass the ludicrous upload behavior exhibited by IIS?
View Complete Post