HttpSelfHostServer returns 400 Invalid URL for valid urls

Question

We have a windows service that is using HttpSelfHostServer and it works most of the time, however, we recently found a bug where 'long' urls where always being thrown out as invalid.

An example of 'good' url: http://localhost:35353/api/files/ZmlsZTovLy9DOi9Vc2Vycy9kYXZpZC9Eb3dubG9hZHMvU2FtcGxlIERvY3VtZW50cy9BWklQUEVSXzAwMDc0OTUuaHRt/permissions

An example of a 'invalid' url:http://localhost:35353/api/files/ZmlsZTovLy9DOi9Vc2Vycy9kYXZpZC9Eb3dubG9hZHMvU2FtcGxlIERvY3VtZW50cy9BQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWjEyMzQ1Njc4OTBBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWjEyMzQ1Njc4OTAvQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVoxMjM0NTY3ODkwL0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaMTIzNDU2Nzg5MEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaMTIzNDU2Nzg5MC50eHQ=/permissions

I've noticed that when the encrypted string, {file}, between /files/{file}/permissions is greater than 260 characters it fails but when it is less it works. Is 260 the hard limit or is there any way to increase this? Thanks for the help!

Answer 1

That sounds like MAX_PATH is being used to constrain the URLs - this is a filesystem limitation that I guess has been built into the self hosting server.

See "Maximum Path Length Limitation" here: http://msdn.microsoft.com/en-us/library/aa365247.aspx

Answer 2

To specify an extended-length path, use the "\\?\" prefix. For example,

\\?\D:\very long path

instead of

D:\path

Answer 3

I don't have experience on self hosted APIs, but it may be a problem in the length of the URL or the query string, so you may want to take a look into this: request exceeds the configured maxQueryStringLength when using [Authorize]