If an Internet Information Server/Services (IIS) filter returns SF_STATUS_REQ_READ_NEXT from the SF_NOTIFY_READ_RAW_DATA notification, IIS may return an error message to the client under certain conditions.
Do not use an SF_NOTIFY_READ_RAW_DATA filter to acquire POSTed data in a filter. Retrieved the date in an ISAPI extension, Common Gateway Interface (CGI) file, or Active Server Pages (ASP) page. However, you can use an SF_NOTIFY_READ_RAW_DATA notification in a filter that performs on-the-fly compression or encryption (similar to the Sspfilt.dll secure sockets layer [SSL] encryption file).
Compression and/or encryption filters may need to access data in chunks larger than the initial chunks that are available when the SF_NOTIFY_READ_RAW_DATA notification is called. To accomplish this, the filter must return SF_STATUS_REQ_READ_NEXT, which causes another SF_NOTIFY_READ_RAW_DATA notification to be posted with the previous and next chunk of data received. Note that unless there is data to read, the filter will not receive an SF_NOTIFY_READ_RAW data notification with the new data.
Be careful when HttpFilterProc returns SF_STATUS_REQ_READ_NEXT. This notification alters the normal IIS request processing behavior and prevents IIS from parsing incoming data on the headers and the body. Instead IIS will buffer all received data for further parsing. Normal IIS processing will resume (in other words, IIS will parse the buffered data) after the read raw data filter stops returning SF_STATUS_REQ_READ_NEXT. IIS has a limit on how much data it will allow a Read Raw Data filter to read through the use of SF_STATUS_REQ_READ_NEXT.
In Internet Information Server 4.0, the buffer size is 2 MB. After SF_STATUS_REQ_READ_NEXT is returned enough times to cause the filter to read more than 2 MB of data, IIS returns a "500 Server Error" message to the client. The body of the error says "The data area passed to the call is too small."
On Internet Information Services 5.0, the buffer size was reduced to 128 KB. After SF_STATUS_REQ_READ_NEXT is returned enough times to cause a filter to read more then 128 Kb of data, IIS returns a "400 Invalid Request" error message to the client. This behavior is by design.
The solution for this problem is not
to read the entire POSTed data when you use read raw filter notifications. Instead, a read raw data filter should read chunks that are just big enough to decrypt or uncompress incoming data. You can set the size of the next read when return SF_STATUS_REQ_READ_NEXT to the desired size with ServerSupportFunction (..., SF_REQ_SET_NEXT_READ_SIZE, ...).
In Internet Information Services 5.0 Service Pack 4 (SP4), the buffer size was reduced to 16 KB.WARNING
: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.
The following registry value controls the size of the buffer:
This is a DWORD value that is equal to the size of the buffer in bytes. If it is not there, then the defaults listed above are taken.
For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base:
ISAPI Filter Stops Responding When HttpFilterProc Returns SF_STATUS_REQ_READ_NEXT
Description of the MaxClientRequestBuffer Registry Value