Showing posts with label 400. Show all posts
Showing posts with label 400. Show all posts

Wednesday 11 April 2018

HTTP 400 bad request response

Problem:  I have an old SharePoint 2013 custom application that is partially loading, The application has not encountered the error in several years that it has been running).  This is only happening for 1 user out of thousands and occurs on Chrome and IE.  I can see some in the IE developer toolbar that some requests are showing 200 responses, and some are showing 400 responses from the web servers.  The SP WFE's are load balanced, and all WFE's are showing the 400.

Initial Hypothesis:  Only 1 user has the issue.  Some URL requests work, and other are malformed (return 400 errors) on the same WFE.   The user on a different machine still fails.  Using a different browser, the user still fails.  The user is forming a malformed request.  It appears to be a problem with the specific user to a particular site collection and is likely to be the HTTP Header request.
Using the browser settings/Fiddler or Dev toolbars get the error details, i.e.
HTTP 400 – Bad Request - The size of the request headers is too long.
Alternatively, user the IE browser and turn on friendly, to identify if the issue is the HTTP header request is too long.

Possible Resolution: Look at the request header, it may be too long for the WFE to handle.  As making the header smaller is generally not an option, look to increase the size of the requests IIS allows for HTTP requests (HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters).  As this is production issue and I can't replicate to a lower environment, I need to use a host entry to get my offending user to only be accessing a single WFE where the fix is applied.  By using the NLB and updating IIS, I can ensure the fix works without disrupting my user base.
See https://www.grouppolicy.biz/2013/06/how-to-configure-iis-to-support-large-ad-token-with-group-policy/