Recipe 9.1 Overriding Default HTTP Runtime Parameters in web.config


9.1.1 Problem

You want to change the default HTTP runtime settings for your application, such as the execution timeout setting.

9.1.2 Solution

Modify the web.config file by adding ASP.NET HTTP runtime settings to it.

  1. Locate the web.config file in the root directory of your application (or create one if it does not already exist).

  2. Add an <httpRuntime> element and set the executionTimeout and other attributes required for your application:

     <?xml version="1.0" encoding="utf-8" ?> <configuration>   <system.web>  <httpRuntime executionTimeout="90"   maxRequestLength="4096"   useFullyQualifiedRedirectUrl="false" />  </system.web> </configuration> 

9.1.3 Discussion

It can be useful to modify the default HTTP runtime settings in web.config so that users of your application can upload large files, for example. But another, perhaps more important, motivation for this recipe is to demonstrate in a fairly unobtrusive way how you can easily override the predefined settings for your application by adding elements, such as the <httpRuntime> element, to the default web.config file that Visual Studio .NET creates.

The following is a description of the attributes we've used with the <httpRuntime> element, which are the most commonly used attributes:


The executionTimeout attribute of <httpRuntime> defines the maximum amount of time in seconds that a request is allowed to run before it is automatically terminated by ASP.NET. The default value is 90 seconds. If your application has requests that take longer, such as a long-running database query, you can increase the value. The value can be any positive integer value (1 to 2,147,483,647), but large numbers are not practical.


The maxRequestLength attribute defines the maximum size of a file that can be uploaded by the application. The value is in KB and has a default value of 4096 (4MB). If your application needs to support uploading files larger than 4MB, you can change the value as required. The valid range is 0 to 2,147,483,647.

Denial-of-service attacks can be launched by initiating the upload of many large files simultaneously . Therefore, the maxRequestLength should be set as small as possible to meet the needs of your application.


The useFullyQualifiedRedirectUrl attribute is a flag indicating whether fully qualified URLs should be used when ASP.NET performs a redirection. Setting the value to false (the default) configures ASP.NET to use relative URLs (e.g., /ASPNetCookbook/ProblemMenu.aspx ) for client redirects. Setting the value to true configures ASP.NET to use fully qualified URLs (e.g., http://localhost/ASPNetCookbook/ProblemMenu.aspx ) for all client redirects. If you are working with mobile applications, be aware that some devices require fully qualified URLs.

The <httpRuntime> element contains other attributes, including those that provide control over threads used by your application and the number of requests that are allowed to be queued before requests are rejected. Consult the Microsoft documentation on the <httpRuntime> element for full details of these attributes.

9.1.4 See Also

MSDN documentation on the httpRuntime element (search for "httpRuntime element")

ASP. NET Cookbook
ASP.Net 2.0 Cookbook (Cookbooks (OReilly))
ISBN: 0596100647
EAN: 2147483647
Year: 2006
Pages: 179

Similar book on Amazon © 2008-2017.
If you may any questions please contact us: