?
Solved

IIS7 replacing CGI input payload with single S character

Posted on 2012-08-13
5
Medium Priority
?
248 Views
Last Modified: 2014-02-08
I've got an IIS server which runs my standalone CGI EXE application (no ASP or similar)

When switching from IIS6 to IIS7 I frequently begin getting one single "S" character as input, from IIS7, to this exe program, instead of the actual payload from the end user browser.

This only happens when https is used, and it only happens "sometimes" (I cannot see any "system" in that, but some users are more "hit" than others)


Any ideas why the IIS7 payload *sometimes* is replaced with one  single "S" character, when presented to the CGI standsalone program, by the IIS7 server, driven by a user https request?

/Stefan
(question edited; removed eventviewer message that was probably not related)
0
Comment
Question by:Stefan Lennerbrant
  • 4
5 Comments
 

Author Comment

by:Stefan Lennerbrant
ID: 38288539
This is really annoying! I cannot find anything on the internet, but I mean, IIS7 exchanging the request payload with an "S" character only, that seems so far-fletched that it probably  should be easily remembered by someone... :-)

Are there any limitation settings in IIS7 that relates to https requests, setting max limits on concurrent requests etc etc?
There are not that many requests on this server (like less than one per second, even though it of course may be more from time to time) and the requests (at least the ones that trigger the error) are small, no large data volumes.

The failing requests use method POST and encoding application/x-www-form-urlencoded
Note that some requests (often) works OK and some requests don't. Looks quite random.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 38290916
can you post such a POST request?
use LiveHTTPHeader add-on in firefox or something proper for IE
0
 

Author Comment

by:Stefan Lennerbrant
ID: 38294316
Further investigation indicates that the problem seems to be that the end user data is not available at the time when the CGI application is launched
Thus, when the CGI program reads it (standard input) from IIS7, only one character is available, and is read.

I am looking into if some config setting in IIS7 gives this behaviour, that "input buffering" is kind of disabled (just as response buffering may be disabled, for output), such that IIS7 is not able to present all input user data at the time the CGI program is starting.

Also, I detected one (single) situation now where environment variable CONTENT_TYPE was empty (as set by IIS7) even though CONTENT_LENGTH was non-zero.
I have never seen that before, and thus I wonder if this also may be due to the fact that the content-type setting has not been received/identified by IIS7 when the CGI program was launched.

Strange?
I'm continuing investigating. Does it even exist a "disable INPUT buffering to CGI" config setting in IIS7?
0
 

Accepted Solution

by:
Stefan Lennerbrant earned 0 total points
ID: 39829460
The problem was eventually solved by continuing reading (trying over and over again) in the CGI script.

The root cause seems to be that IIS7 uses its setting "uploadReadAheadSize" to buffer input data to the script. When "enough" data has been read, about 40-50kb, the script is invoked.

Thus, when the script tries to read end user input, it might not yet be available. Changing the script to looping (for at least some seconds) to really retrieve all data as specified in CONTENT_LENGTH, solves the problem.

Increasing the IIS7 uploadReadAheadSize setting is another method, of course.
0
 

Author Closing Comment

by:Stefan Lennerbrant
ID: 39843882
Eventually solved
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question