All geek questions in one place

IIS7 DOES NOT return HTTP 400 for bad request

I have an MVC2 site where we run many integration tests. Most importantly, we test the behavior when using bad URLs. For instance:

http: // xxxx / v1 // Dy888 / 1/1234567815 / swlocation? fv = 24 & sv2 = 3 & sv3 = 5

(Note the two slashes after "v1".)

This should give HTTP 400, Bad Request, and in the development environment (VS2008) everything works as planned. But in the test environment, IIS7 or MVC2 somehow sees this and the answers, as if there was only one slash. It seems too smart and helps us by rewriting the request.

How can I configure my server so that it is not “smart” and really respond with the correct error?

The test server is Windows Server 2008 with IIS7.

Thank! - Niklas

+1
source share
1 answer

The http status code 400 is defined as follows:

The request had poor syntax or was inherently impossible to satisfy.

The presence of an additional slash in the URI (which is only part of the request as a whole) cannot be correctly classified as a syntax error of the request and does not make it impossible to satisfy the request, since the additional slash does not change the location that the URI points to.

I think your development web server is the one who is behaving incorrectly and that the premise for your test is incorrect.

+1
source

Source: https://habr.com/ru/post/1780488/

More articles:


All Articles