Solved

XmlDocument protocol violation

Posted on 2006-07-17
2
445 Views
Last Modified: 2008-02-01
Having problems translating VB6 to VB.NET (Visual Studio 2005)
Error: "The server committed a protocol violation"
Tried it with 2 different URL's same as in original code.
One works, the other doesn't.
For security reasons I can't give the exact URL but this is what the failed URL looks like:
http://notwww.someprovider.com/long_security_key/sub_folder/page_without_extension?FORMAT=XML&PARM1=0%23.AA.BB
The succesful URL only differs in page_without_extension and parameters, the key and such are the same.
innerText and innerXML is filled with sensible data for the succesful page.
When I try the bad URL in IE, firefox or VB6 it does work.

VB6


Set m_xmlChain = New DOMDocument30
m_xmlChain.resolveExternals = False
m_xmlChain.validateOnParse = False
m_xmlChain.async = True
m_Done = False
m_xmlChain.Load URLSTRING
While Not m_Done
    DoEvents
Wend

Private Sub m_xmlChain_onreadystatechange()
  If m_xmlChain.readyState = 4 Then
    m_Done = True
  End If
End Sub



VB.NET


m_xmlChain = New XmlDocument
       'm_xmlChain.resolveExternals = False   ' my attempt to translate this line is in next 3 lines
Dim resolver As New XmlUrlResolver()
resolver.Credentials = CredentialCache.DefaultCredentials
m_xmlChain.XmlResolver = resolver
       'm_xmlChain.validateOnParse = False   ' how to translate?
       'm_xmlChain.async = True                   ' how to translate?
Try
      m_xmlChain.Load(URLSTRING)
Catch ex As Exception
      messagebox.show(ex.tostring)
End Try

Any comments and improvements to the code are welcome, I'm new to this XML stuff in VB.NET. Only played a little with it in javascript.


Follow up Q:
http://www.experts-exchange.com/Programming/Programming_Languages/Dot_Net/VB_DOT_NET/Q_21921874.html

Kind regards,

Nico
0
Comment
Question by:NicoLaan
2 Comments
 
LVL 1

Accepted Solution

by:
Loial earned 500 total points
ID: 17130087
This might be caused by a badly formed result page, i.e. no crlf but only cr or only lf.
If so it can be solved by placing the following in the config file for your project.

  <system.net>
    <settings>
      <httpWebRequest useUnsafeHeaderParsing = "true" />
    </settings>
  </system.net>

See also for security implications:
http://msdn2.microsoft.com/en-us/library/system.net.configuration.httpwebrequestelement.useunsafeheaderparsing.aspx

Quote from that page:

Remarks

When this property is set to false, the following validations are performed during HTTP parsing:
    *      In end-of-line code, use CRLF; using CR or LF alone is not allowed.
    *      Headers names should not have spaces in them.
    *      If multiple status lines exist, all additional status lines are treated as malformed header name/value pairs.
    *      The status line must have a status description, in addition to a status code.
    *      Header names cannot have non-ASCII chars in them. This validation is performed whether this property is set to true or false.
When a protocol violation occurs, a WebException exception is thrown with the status set to ServerProtocolViolation. If the UseUnsafeHeaderParsing property is set to true, validation errors are ignored.

Setting this property to true has security implications, so it should only be done if backward compatibility with a server is required.
0
 
LVL 4

Author Comment

by:NicoLaan
ID: 17130213
That's it, it works!
It was the crlf you mentioned. The xml only had 0A my hexeditor told me.
Thanks a lot!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Reports are based on a report definition, which is an XML file that describes data and layout for the report, with a different extension. You can create a client-side report definition language (*.rdlc) file with Visual Studio, and build g…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
This is a video that shows how the OnPage alerts system integrates into ConnectWise, how a trigger is set, how a page is sent via the trigger, and how the SENT, DELIVERED, READ & REPLIED receipts get entered into the internal tab of the ConnectWise …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now