Set the length limit of get and post data on the server.

I. Cause
After a project is released, the bug statistics Appendix "post-release issues" contains:
Problem Cause Analysis remarks
During CSV processing, if the number of topics to be processed is too large, the maximum number of URL parameters is incorrect. If a variable-length parameter is passed through the URL method, this potential error may occur. 1. Two issues occurred, and the Development did not promptly send relevant precautions to the team members through checklist or other methods;
2. No big batch data test was performed during the test. 1. Add the data to the checklist as experience to enhance group sharing and check results;
2. Check whether the test points are complete and focus on testing common issues in development;
By confirming the original GUI status of the module, when CSV output is performed, the content of the CSV file cannot be output when the output result is large. The size of post data cannot exceed kb. This is a new problem. It has never been met before, nor has it been tested for a large amount of data. This type of check is listed in the checklist.

As an accumulation of experience, these problems, causes and solutions will be included in the checklist, then:
The first question: is the upper limit of URL parameters accurate? What is the upper limit?
The second question: why is there a limit on post data? Is the limit kb?
Ii. Problem Analysis
1. First:
1) The URL does not have a maximum of parameters. This problem is actually caused by the restriction on the URL Length of IE.
2) the HTTP protocol specification does not limit the URL length. This restriction is imposed by specific browsers and servers. The length of the URL is limited to 2083 bytes (2 k + 35) by IE ). For other browsers, such as Netscape and Firefox, there is no length limit theoretically. The limit depends on the support of the operating system. [Parameter 1]
3) "variable-length parameters are passed through URL" means that the get method is used when the form is submitted, rather than the POST method. This potential error is caused by the use of the get method to submit form data. Because the get method places the data in the URL and passes it to the server for processing.
4) Note that this limit is the length of the entire URL, not just the length of your parameter value data.
5) since it is the restriction on the URL Length of IE, this restriction exists in both get and post methods.
(For details about form get and post methods, refer to relevant materials [parameter 2]).
Suggestion:
1) understand the environment where an application is located, such as the Web application browser and server environment, and its specific parameter restrictions.
2) try to use the post method when submitting complex data. Note that the get method is used by default when the form does not write the method attribute.
Conclusion (write to checklist ):
When submitting data using the get method, you must consider the URL length limit of 2083 bytes in the IE environment.
2. Second:
1) theoretically, there is no size limit on post. The HTTP protocol specification does not limit the size.
2) "there is a K size limit on the size of Post Data" is not accurate enough. There is no limit on post data, and the limit is the processing capability of the server's processing program.
3) for ASP programs, the request object has a k Data Length limit when processing each form field. However, if request. binaryread is used, there is no such restriction. For solutions to process data in more than K form fields, see [parameter 3].
4) This extension adds the limit [parameter 4] for IIS 6.0 and Microsoft for security reasons. Note:
By default, IIS 6.0 has a maximum ASP post data volume of KB, and each form field is limited to kb.
By default, IIS 6.0 uploads a file up to 4 MB.
By default, IIS 6.0 has a maximum request header of 16 kb.
These restrictions are not available before IIS 6.0.
Suggestion:
1) figuring out the default settings of the runtime environment helps you design and quickly solve problems.
2) consider the server version. Different versions of IIS have different default settings for these parameters. If necessary, sort out a reference table. This provides a reference for development and testing.
3) These restrictions of IIS 6.0 are only the default values. You can modify them in the actual application environment.
In winnt/system32/inetsrv/metabase. XML, the following parameters are defined by default:
Aspbufferinglimit = "4194304" corresponds to the maximum size of the uploaded file
Aspmaxrequestentityallowed = "204800" corresponds to the maximum post data volume
Conclusion (write to checklist ):
When using ASP, you need to consider the KB limit for reading and processing each field of the post form. Whether to use request. Binary