• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 474
  • Last Modified:

XmlDocument protocol violation

Having problems translating VB6 to VB.NET (Visual Studio 2005)
Error: "The server committed a protocol violation"
Tried it with 2 different URL's same as in original code.
One works, the other doesn't.
For security reasons I can't give the exact URL but this is what the failed URL looks like:
The succesful URL only differs in page_without_extension and parameters, the key and such are the same.
innerText and innerXML is filled with sensible data for the succesful page.
When I try the bad URL in IE, firefox or VB6 it does work.


Set m_xmlChain = New DOMDocument30
m_xmlChain.resolveExternals = False
m_xmlChain.validateOnParse = False
m_xmlChain.async = True
m_Done = False
m_xmlChain.Load URLSTRING
While Not m_Done

Private Sub m_xmlChain_onreadystatechange()
  If m_xmlChain.readyState = 4 Then
    m_Done = True
  End If
End Sub


m_xmlChain = New XmlDocument
       'm_xmlChain.resolveExternals = False   ' my attempt to translate this line is in next 3 lines
Dim resolver As New XmlUrlResolver()
resolver.Credentials = CredentialCache.DefaultCredentials
m_xmlChain.XmlResolver = resolver
       'm_xmlChain.validateOnParse = False   ' how to translate?
       'm_xmlChain.async = True                   ' how to translate?
Catch ex As Exception
End Try

Any comments and improvements to the code are welcome, I'm new to this XML stuff in VB.NET. Only played a little with it in javascript.

Follow up Q:

Kind regards,

1 Solution
This might be caused by a badly formed result page, i.e. no crlf but only cr or only lf.
If so it can be solved by placing the following in the config file for your project.

      <httpWebRequest useUnsafeHeaderParsing = "true" />

See also for security implications:

Quote from that page:


When this property is set to false, the following validations are performed during HTTP parsing:
    *      In end-of-line code, use CRLF; using CR or LF alone is not allowed.
    *      Headers names should not have spaces in them.
    *      If multiple status lines exist, all additional status lines are treated as malformed header name/value pairs.
    *      The status line must have a status description, in addition to a status code.
    *      Header names cannot have non-ASCII chars in them. This validation is performed whether this property is set to true or false.
When a protocol violation occurs, a WebException exception is thrown with the status set to ServerProtocolViolation. If the UseUnsafeHeaderParsing property is set to true, validation errors are ignored.

Setting this property to true has security implications, so it should only be done if backward compatibility with a server is required.
NicoLaanAuthor Commented:
That's it, it works!
It was the crlf you mentioned. The xml only had 0A my hexeditor told me.
Thanks a lot!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now