web analytics
Sign In | Register
Welcome, Guest

maxRequestLength vs. maxAllowedContentLength in ASP.NET

 Options
Previous Topic Next Topic

codeling 1599 - 6654
@2022-07-20 20:46:51

The maxRequestLength indicates the maximum file upload size supported by ASP.NET, the maxAllowedContentLength specifies the maximum length of content in a request supported by IIS. Maximum file sizes differ based on the operating system and its associated version of Internet Information Server (IIS). In most cases, sites will be hosted on IIS7 or later, so the maximum size of a file is the smallest of the two settings.

By default, the maximum size of a file to be uploaded to the server using the FileUpload control is around 4MB.
This value can be increased by modifying the maxRequestLength attribute in the web application’s configuration file (web.config)

<system.web>

            <httpRuntime maxRequestLength="153600" executionTimeout="900" />

</system.web>

In addition, the default maximum length of content in a request supported by IIS is around 28.6 MB.
This value can be increased by modifying the maxAllowedContentLength attribute in the web application’s configuration file (web.config)

<system.webServer>

    <security>

    <requestFiltering>

       <requestLimits maxAllowedContentLength="157286400" />

     </requestFiltering>

    </security>

</system.webServer>

The way the pipeline works is that the IIS value (maxAllowedContentLength) is checked first, then the ASP.NET value (maxRequestLength) is checked. If the content exceeds the IIS value (maxAllowedContentLength), then the user will get a 404.13 error page. If the content exceeds the ASP.NET value (maxRequestLength), then a exception is thrown (System.Web.HttpException: Maximum request length exceeded.) This excepton is typically caught by the web app, and is handled based on the <customErrors> setting (under <system.web>)
@2022-07-20 20:53:57

Note that maxRequestLength is in KB whereas maxAllowedContentLength is in bytes.

maxRequestLength is stored as a .net integer and therefore can be set as high as 2147483647 (approximately 2000 GB).

maxAllowedContentLength is stored as a .net uint and therefore can only store numbers as high as 4,294,967,295 (approximately 4GB as the value is for size in bytes). This means that the maximum size for a file for any recent version of IIS is 4GB.

 

 

 
@2022-07-20 20:56:45

To support 10MB uploads, you'll alter this to 10240

<httpRuntime useFullyQualifiedRedirectUrl="true" maxRequestLength="10240" requestLengthDiskThreshold="10240" />

Please note, you only need to alter the maxRequestLength to support larger uploads. However the requestLengthDiskThreshold specifies how much of an upload should be streamed to memory (RAM), before buffering the rest to disk. As RAM is typically an order of magnitude faster than disk, if you have a reasonable amount of RAM then it's common to update it to the same value. DO NOT make it larger, as that has been shown to cause issues.
@2022-07-20 21:11:37

How to handle all this for a better user experience

What is the proper value for both settings depends on how you deal with the error. If the file (request) length (say, 15MB) is less than maxAllowedContentLength (say, 30MB) but more than maxRequestLength (say, 10MB), the user will get the standard ASPX error page. If it’s the other way around, we’ll get an IIS error page instead.
Previous Topic Next Topic

Comments
You must Sign In to comment on this topic.


© 2024 Digcode.com