ASP.NET Core 7 : edit requests to controller with large request returns 400 error

Question

I'm using ASP.NET Core 7. I have an update form which results in an http 400 error for large dataset updates. It works fine when the data being updated is smaller. The error I get is

This page isn't working. If the problem continues, contact the site owner. HTTP ERROR 400

The update method on the controller is set to HTTP POST.

For large data set edits, the POST method is not hit at all. If I run a Chrome debug console, I see the failed to load resource error which points to chrome-error://chromewebdata/. I have tried installing Postman Interceptor and capturing the request. It captures it successfully and does not show any issues. I am able to browse the data.

The data seems to be sent as x-www-form-ulrencoded. Is this my issue? Is there a limit to POST data size? Is there a way to increase this limit?

My controller code looks like this

[Authorize]
public async Task<IActionResult> Edit(int id)
{
    // . . . 

    [Authorize]
    [HttpPost]
    [ValidateAntiForgeryToken]
    public async Task<IActionResult> Edit(ReticleSetEntity entity)
    {
        if (ModelState.IsValid)
        {
            // . . . 
        }
        // ....
    }
}

The HTML looks like this

<form id="reticleset-form" asp-action="Edit" >
<div class="card mt-4">
. . .

Many thanks for any help

Answer 1

The specifics about the request contents and size could help. Also, limits could be added by your hosting environment (e.g. IIS).

But here you can find few options to change the limits: https://www.textcontrol.com/blog/2019/12/20/documentviewer-configuring-aspnet-for-larger-requests/.

Updated

Form value count limit could be configured via FormOptions.ValueCountLimit. You can do it while configuring services:

builder.Services.Configure<FormOptions>(options => options.ValueCountLimit = 5000);

Answer 2

I figured this puppy out. Firstly I removed the [Authorize] and [ValidateAntiForgeryToken] attributes from my post method. This allowed a form submit to actually hit the post method. It was returning a null payload but I was able to see a validation error message thus - "Failed to read the request form. Form value count limit 1024 exceeded." Once I had this, I was able to find a great article showing how to increase this limit. The solution involves creating a new "RequestFormSizeLimitAttribute" attribute and decorating the post method with it as per option 2. https://www.kellton.com/kellton-tech-blog/how-submit-large-number-form-values-aspnet-core#:~:text=If%20you%20wish%20to%20submit,and%20key%20length%20above%201024.

public class RequestFormSizeLimitAttribute : Attribute, IAuthorizationFilter, IOrderedFilter
{
    private readonly FormOptions _formOptions;

    public int Order { get; set; }


    public RequestFormSizeLimitAttribute(int valueCountLimit)
    {
        _formOptions = new FormOptions() { ValueCountLimit = valueCountLimit };
    }


    public void OnAuthorization(AuthorizationFilterContext context)
    {
        var features = context.HttpContext.Features;
        var formFeature = features.Get<IFormFeature>();
        if (formFeature == null || formFeature.Form == null)
        {
            features.Set<IFormFeature>(new FormFeature(context.HttpContext.Request, _formOptions));
        }
    }

Use in the controller thus

[HttpPost]
[Authorize]
[RequestFormSizeLimit(valueCountLimit: 20000, Order = 1)]
[ValidateAntiForgeryToken(Order = 2)]
public async Task<IActionResult> Edit(ReticleSetEntity entity)
{
    if (ModelState.IsValid)
     . . .