• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1195
  • Last Modified:

internal server error 500 when using http post containing %0A%3C

Hi

I am trying to perform an HTTP POST to a website. Every time i do the POST i get a response of 500. Internal server error.

I have found out that the reason i am getting the error is because the POST contains the string:

%0A%3C

This is a line feed and a < sign.

For some reason i am unable to post this data when it is a requirement for me. If i use %0A%3E (which is line feed and > sign) it works.

Does anyone know why this would happen?

Any help would be appreciated. I have attached the code that i am using.

I am running Microsoft Visual Studio 2005. .Net 2.0 Service Pack 1, Windows XP and IIS 5.1

(i tried it on server 2003 with iis 6.0 and had the same error)

Apyreal
static void Main(string[] args)
        {
           string query = "?%0A%3Chey";
            string a = HTTPCallback("url", query, "POST");
            Console.WriteLine(a);
            Console.ReadLine();
        }
 
        // simple generic http get/post request function
        static string HTTPCallback(string uri, string query, string method)
        {
            string output = string.Empty;
            try
            {
                // request
                WebRequest request;
                // do a POST if requested, otherwise default to a GET
                if (method.ToUpper() == "POST")
                {
                    request = WebRequest.Create(uri);
                    request.Method = "POST";
                    byte[] buffer = Encoding.UTF8.GetBytes(query);
                    request.ContentType = "application/x-www-form-urlencoded";
                    request.ContentLength = buffer.Length;
                    // add form data to request stream
                    System.IO.Stream requestStream = request.GetRequestStream();
                    requestStream.Write(buffer, 0, buffer.Length);
                    requestStream.Flush();
                    requestStream.Close();
                }
                else
                {
                    request = WebRequest.Create(uri + query);
                    request.Method = "GET";
                }
                // response
                HttpWebResponse response = (HttpWebResponse)request.GetResponse();
                System.IO.Stream responseStream = response.GetResponseStream();
                StreamReader responseReader = new StreamReader(responseStream);
                // output
                output = responseReader.ReadToEnd();
                // clean-up
                responseReader.Close();
                responseStream.Close();
                response.Close();
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
            }
 
            return output;
        }

Open in new window

0
Apyreal
Asked:
Apyreal
1 Solution
 
SStoryCommented:
I'm not sure, but wouldn't you need to encode that like &lt; for <
like in html, to keep the page from thinking "<" is the beginning of a tag..that it subsequently won't find?
0
 
ApyrealAuthor Commented:
nope, actually. the it is already encoded. I found the problem about 5 minutes ago. IIS was treating %0A%3C as a possible dangerous request, so it would always fail it.

Fix was to place ValidateRequest="false" in the page to where i am posting. Not a perfect fix but it is the only one that works
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

Tackle projects and never again get stuck behind a technical roadblock.
Join Now