0

HttpWebRequest is used to download files from ASP.NET site with basic authentication. Everything works fine in many cases, but some proxies make answer chunked and HttpWebRequest.GetResponse() throws an exception if answer with 401 status code is chunked. The exception is:

    System.Net.WebException: The server committed a protocol violation.  
    Section=ResponseStatusLine
    at System.Net.HttpWebRequest.GetResponse()
Trace of answer is:<pre>
"HTTP/1.1 401 Authorization Required\r\nDate: Fri, 26 Jun 2009 04:45:18 GMT\r\nServer: Microsoft-IIS/6.0\r\nX-Powered-By: ASP.NET\r\nX-AspNet-Version: 2.0.50727\r\nWWW-Authenticate: Basic realm=\"iis-server\"\r\nCache-Control: private\r\nContent-Type: text/html; charset=iso-8859-1\r\nVia: 1.1 server\r\nKeep-Alive: timeout=15, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Language: en\r\n\r\n0\r\n\r\n0\r\n\r\n

I made test and found out that Transfer-Encoding: chunked is the only one reason of exception. Is this bug of .NET Framework 2.0 or there any RFC says that 401 answer shouldn't be chunked?

Rui Jarimba
  • 11,166
  • 11
  • 56
  • 86

1 Answers1

1

I actually think the error isn't that Chunked Transfer Encoding (CTE) isn't allowed, I think it's that the server is doing the CTE incorrectly. If you look at the response body, it's looking like this: 

Language: en \r\n
\r\n
0 \r\n
\r\n
0 \r\n
\r\n

If you notice, there are two 0 length chunks in the response body. The CTE RFC requires that the last chunk of a message be a 0 length chunk, and, by extension, no previous chunk can be of zero length. In this message, you have 0 zero length chunks which is a protocol violation of CTE.

This is akin to setting a content length header for a message and then transmitting more data than is allowed by that content length header.

Sean Turner
  • 1,178
  • 2
  • 10
  • 14