Simon Francesco Simon Francesco - 1 month ago 10
HTTP Question

In IIS7.5 what module removes the body of a 400 Bad Request

I have written ASP.NET (4.0) code that sets the Response.StatusCode to 400 if the data posted to the server is in valid.

I place useful information in the response body in the format that the request accepts header asks for. eg an html message saying "The date field is required...".

In IIS7 (7.5.7600) on Windows 7 I get the correct html response back to the browser.

In IIS7 (7.5.6000) on Windows 2008 I do not get the html body back, but only a text body with "Bad Request" as the content.

Can someone point me to how I change the configuration of the 2008 server to return the body.

Or is there a difference between these versions of IIS?

Maybe a module in the Machine.config?

For example I know (and have had to work around) that the FormsAuthentication module changes a 401 to a 302 even if you do not want this. May be there is a module that stops the content of a 400 being sent.



Solution: edited the web.config system.webServer section and set httpErrors existingResponse attribute to "PassThrough" et voilá fixed.

    <httpErrors existingResponse="PassThrough"></httpErrors>

Well 2 things got me think about this issue:
1. the classic CustomErrors behaviour because I was comparing localhost with a remote server
2. the first wouldn't explain how some of my other Authentication 'errors' were getting through intact

I dug around and came across this article on IIS7: How to Use HTTP Detailed Errors in IIS 7.0

It didn't fully pertain to what I found when editing the web.config maybe due me using IIS7.5 but it was enough to get me into the right neighbourhood.