Why does HttpRequestValidationException have a 500 http error code instead of 400?

Question

Why does HttpRequestValidationException have a 500 http error code instead of 400?

When I tested my MVC5-based web application, I found that it HttpRequestValidationExceptionreturned 500 of GetHttpCode().
I will catch this exception while checking the security of requests to the server. MVC checks the request and throws this exception, I processed it in Application_Errorand got 500 code returned, but, in fact, if the user went through the wrong login to the server I should return 400 errors (bad request). therefore, I don’t understand why the exception has 500 errors. Where am I mistaken?

+4

http c # iis asp.net-mvc-5

Alezis Jan 28 '16 at 10:31

source share

2 answers

MVC HttpRequestValidationException, , BadRequest:

protected void Application_Error()
{
    var lastError = Server.GetLastError();
    if (lastError is ArgumentException || lastError is HttpRequestValidationException)
    {
        Server.ClearError();
        Response.StatusCode = (int) HttpStatusCode.BadRequest;
    }
}

+2

Ofiris 28 . '16 10:37

Jon Hanna · Accepted Answer · 2016-01-28T11:01:57+0000

, 500 .

, , HttpRequestValidationException, . , - , , , . , , , , , ( ) , , , 4xx 5xx 5xx - ( , ).
, , 4xx ( 404 , 404 , ). , 500 .
ASP.NET 500 , . MVC () , , HttpRequestValidationException MVC.

, , . , HttpRequestValidationException , , , 400.

:

400 RFC 7231, -, , RFC 7231 2014 . HttpRequestValidationException 2003 , RFC 2616 RFC, 400 RFC 400 , HTTP . 400 , " - ", , .

, 500 , . , , .

, , , HttpRequestValidationException ( , , ), 400, 500.

Why does HttpRequestValidationException have a 500 http error code instead of 400?

More articles: