InvalidOperationException in case when default form value length limit exceeded. #27585
Labels
area-networking
Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions
bug
This issue describes a behavior which is not expected - a bug.
Milestone
First reported at #27493
Make a 5 Mb x-www-form-urlencoded POST request with a pretty long field.
Result:
If they change FormOptions.ValueLengthLimit to bigger value - everything works fine.
If they debugged via IIS Express they correctly see a model error like "Failed to read the request form. Form value length limit 4194304 exceeded."
Cause:
There's a disparity between these two calls to AdvanceTo:
aspnetcore/src/Http/WebUtilities/src/FormPipeReader.cs
Lines 104 to 120 in 5086449
If there's a large field that is under the limit in the first buffer, but then loops and exceeds the limit, the examined parameter is set back to Start instead of End.
Fix:
The fix seems to be to add buffer.End to the AdvanceTo in the catch block so it's greater or equal to the prior value. I'll prep a PR.
I don't know why there's different results on IIS Express, but it may just be a matter of different buffer alignments.
The text was updated successfully, but these errors were encountered: