ASP.NET MS11-100: how can I change the limit on the maximum number of posted form values? value="10000000000" not working

Go To StackoverFlow.com

0

I am getting this error message.

Server Error in '/' Application.
Operation is not valid due to the current state of the object.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.InvalidOperationException: Operation is not valid due to the current state of the object.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[InvalidOperationException: Operation is not valid due to the current state of the object.]
   System.Web.HttpValueCollection.ThrowIfMaxHttpCollectionKeysExceeded() +2420322
   System.Web.HttpValueCollection.FillFromEncodedBytes(Byte[] bytes, Encoding encoding) +58
   System.Web.HttpRequest.FillInFormCollection() +159

[HttpException (0x80004005): The URL-encoded form data is not valid.]
   System.Web.HttpRequest.FillInFormCollection() +217
   System.Web.HttpRequest.get_Form() +104
   Microsoft.Web.Infrastructure.DynamicValidationHelper.<>c__DisplayClass8.<MakeCollectionsLazy>b__2() +12
   Microsoft.Web.Infrastructure.DynamicValidationHelper.<>c__DisplayClass12.<ReplaceCollection>b__e() +61
   Microsoft.Web.Infrastructure.DynamicValidationHelper.<>c__DisplayClass12.<ReplaceCollection>b__11() +17
   Microsoft.Web.Infrastructure.DynamicValidationHelper.DeferredCountArrayList.get_Count() +17
   System.Collections.Specialized.NameObjectCollectionBase.get_Count() +15
   System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, RequestValidationSource requestCollection) +23
   System.Web.HttpRequest.get_Form() +150
   System.Web.HttpRequestWrapper.get_Form() +11
   System.Web.Mvc.HttpRequestExtensions.GetHttpMethodOverride(HttpRequestBase request) +126
   System.Web.Mvc.AcceptVerbsAttribute.IsValidForRequest(ControllerContext controllerContext, MethodInfo methodInfo) +41
   System.Web.Mvc.HttpGetAttribute.IsValidForRequest(ControllerContext controllerContext, MethodInfo methodInfo) +40
   System.Web.Mvc.<>c__DisplayClass11.<RunSelectionFilters>b__d(ActionMethodSelectorAttribute attr) +24
   System.Linq.Enumerable.All(IEnumerable`1 source, Func`2 predicate) +145
   System.Web.Mvc.ActionMethodSelector.RunSelectionFilters(ControllerContext controllerContext, List`1 methodInfos) +319
   System.Web.Mvc.ActionMethodSelector.FindActionMethod(ControllerContext controllerContext, String actionName) +59
   System.Web.Mvc.ReflectedControllerDescriptor.FindAction(ControllerContext controllerContext, String actionName) +62
   System.Web.Mvc.ControllerActionInvoker.FindAction(ControllerContext controllerContext, ControllerDescriptor controllerDescriptor, String actionName) +16
   System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName) +105
   System.Web.Mvc.Controller.ExecuteCore() +116
   System.Web.Mvc.ControllerBase.Execute(RequestContext requestContext) +97
   System.Web.Mvc.ControllerBase.System.Web.Mvc.IController.Execute(RequestContext requestContext) +10
   System.Web.Mvc.<>c__DisplayClassb.<BeginProcessRequest>b__5() +37
   System.Web.Mvc.Async.<>c__DisplayClass1.<MakeVoidDelegate>b__0() +21
   System.Web.Mvc.Async.<>c__DisplayClass8`1.<BeginSynchronous>b__7(IAsyncResult _) +12
   System.Web.Mvc.Async.WrappedAsyncResult`1.End() +62
   System.Web.Mvc.<>c__DisplayClasse.<EndProcessRequest>b__d() +50
   System.Web.Mvc.SecurityUtil.<GetCallInAppTrustThunk>b__0(Action f) +7
   System.Web.Mvc.SecurityUtil.ProcessInApplicationTrust(Action action) +22
   System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +60
   System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +9
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +8969201
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +184


Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.272 

I have tried doing the suggested fix off

<appSettings>
   <add key="aspnet:MaxHttpCollectionKeys" value="1001" />
</appSettings>

I tried putting it at some crazy number

<add key="aspnet:MaxHttpCollectionKeys" value="10000000000" />

yet it still gives me the same error (I have alot of fields but not that many). I am using asp.net mvc 3 (razor). I am using .net 4.0.

I am sending the whole form by jquery ajax(seralizeArrary) so I don't know if that has something to do with it or not.

2012-04-05 17:17
by chobo2
Have you also tried a reasonable number, like 32000 or so? Because for me the fix works as advertised - Lucero 2012-04-05 17:23
I would look with Fiddler to see how the form data is being passed to the server. It could be that data is in a way that is confusing .NET and hence you are getting such (a perhaps misleading) error - Hector Correa 2012-04-05 18:00
@Lucero. I guess your right. 32000 seems to work. Maybe my number was too big? I am not sure what it uses to store the value as. Is there a way also to limit it to which forms this is allowed on and not global as it seems to be right now - chobo2 2012-04-05 20:50


0

Use a more reasonable value such as 32000, that works fine for me.

Is there a way also to limit it to which forms this is allowed on and not global as it seems to be right now?

No, I don't think that is is possible to handle this setting per form. This is because the values are parsed very eary before the routing takes place, but only after routing it would be known what "form" this belongs to.

2012-04-06 09:37
by Lucero
hmmm. Can you put it in sub web.configs (I tried but it did not seem to work so I might be doing it wrong.). I am just thinking that the form I have is in an admin section but I don't want client facing forms to be open my site up to possible DOS attacks because of it. Would be nice if you could get some more find grain control - chobo2 2012-04-07 17:24
I already gave you the reason: the parsing happens before the routing, and for controllers (from the stack trace it's clear that you use MVC which implies routing) there is no content directory anyways. So the best you can probably do is to use a number high enough for normal requests to always succeed but still as low as posible to reduce DOS risks - Lucero 2012-04-08 09:30
I was not aware that routing had an effect on the other web.config files - chobo2 2012-04-09 16:09
Well, since the nested web.config files are directory-bound, but the routing "eliminates" serving files directly from directories in favor of executing code, directory-based web.configs don't play a role in that case (you don't have the same directory structure, and even then, which directory should be used? The one of the controller? The one of the view? Both somehow merged? - Lucero 2012-04-09 17:35


0

Following are the limits:

  1. MaxHttpCollectionKeys is an int, so it could have a max value of an integer (int.MaxValue: 2,147,483,647)
  2. Minimum value is 1
  3. Default value is 1000

enter image description here

Check on MSDN

2015-12-02 06:31
by SHEKHAR SHETE
Ads