Solved

internal server error 500 when using http post containing %0A%3C

Posted on 2008-06-19
2
1,184 Views
Last Modified: 2013-12-16
Hi

I am trying to perform an HTTP POST to a website. Every time i do the POST i get a response of 500. Internal server error.

I have found out that the reason i am getting the error is because the POST contains the string:

%0A%3C

This is a line feed and a < sign.

For some reason i am unable to post this data when it is a requirement for me. If i use %0A%3E (which is line feed and > sign) it works.

Does anyone know why this would happen?

Any help would be appreciated. I have attached the code that i am using.

I am running Microsoft Visual Studio 2005. .Net 2.0 Service Pack 1, Windows XP and IIS 5.1

(i tried it on server 2003 with iis 6.0 and had the same error)

Apyreal
static void Main(string[] args)
        {
           string query = "?%0A%3Chey";
            string a = HTTPCallback("url", query, "POST");
            Console.WriteLine(a);
            Console.ReadLine();
        }
 
        // simple generic http get/post request function
        static string HTTPCallback(string uri, string query, string method)
        {
            string output = string.Empty;
            try
            {
                // request
                WebRequest request;
                // do a POST if requested, otherwise default to a GET
                if (method.ToUpper() == "POST")
                {
                    request = WebRequest.Create(uri);
                    request.Method = "POST";
                    byte[] buffer = Encoding.UTF8.GetBytes(query);
                    request.ContentType = "application/x-www-form-urlencoded";
                    request.ContentLength = buffer.Length;
                    // add form data to request stream
                    System.IO.Stream requestStream = request.GetRequestStream();
                    requestStream.Write(buffer, 0, buffer.Length);
                    requestStream.Flush();
                    requestStream.Close();
                }
                else
                {
                    request = WebRequest.Create(uri + query);
                    request.Method = "GET";
                }
                // response
                HttpWebResponse response = (HttpWebResponse)request.GetResponse();
                System.IO.Stream responseStream = response.GetResponseStream();
                StreamReader responseReader = new StreamReader(responseStream);
                // output
                output = responseReader.ReadToEnd();
                // clean-up
                responseReader.Close();
                responseStream.Close();
                response.Close();
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
            }
 
            return output;
        }

Open in new window

0
Comment
Question by:Apyreal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 25

Expert Comment

by:SStory
ID: 21821725
I'm not sure, but wouldn't you need to encode that like &lt; for <
like in html, to keep the page from thinking "<" is the beginning of a tag..that it subsequently won't find?
0
 
LVL 1

Accepted Solution

by:
Apyreal earned 0 total points
ID: 21821787
nope, actually. the it is already encoded. I found the problem about 5 minutes ago. IIS was treating %0A%3C as a possible dangerous request, so it would always fail it.

Fix was to place ValidateRequest="false" in the page to where i am posting. Not a perfect fix but it is the only one that works
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What is an ISAPI filter?   •      It's an assembly (.dll file) that can add or change the way IIS works.   •      They can be enabled globally for your web server or on a site-by-site basis.   When the IIS server receives a request, enabling the ISAPI fi…
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question