You receive more than one "400 bad request" response to one HTTP request in IIS
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.
If data that is longer than 49,155 bytes is posted to Microsoft Internet Information Services (IIS) 5.0 or IIS 5.1, and the receiving application does not completely read the data, IIS returns the following HTTP error message to the client:
400 - Bad Request
When IIS receives data that is to be passed to an Internet Server API (ISAPI) extension such as Active Server Pages (ASP), IIS reads ahead a certain number of bytes and then puts this data in a buffer. Any additional data remains in the network socket and waits to be read. If the receiving application does not read the additional data when the application finishes processing, the remaining data is interpreted as the start of another request from the client.
To resolve this problem, make sure that the application reads all the data that the client sends. For example, the data can be read in ASP by using the 'Request.BinaryRead(Request.TotalBytes)' method.
This behavior is by design.
The IIS UploadReadAheadSize metabase property determines the amount of data that IIS reads ahead and buffers for a request for an ISAPI extension. By default, this value is 49152.
IIS buffer 400 'bad request' UploadReadAheadSize 49152
Article ID: 810957 - Last Review: 06/20/2014 07:27:00 - Revision: 2.0