In majority of the IT infrastructures, there are network devices such as load balancers, proxies, and firewalls in fron of the web servers. These devices may edit requests and responses while transmitting them.
I have recently troubleshot a web application that was taking too much time to load. In the logs, we saw this error:
Microsoft.OData.Client.DataServiceRequestException: An error occured while processing this request
System.Net.WebException: “The server committed a protocol violation. Section=ResponseStatusLine”
One of the most common cause of the “The server committed a protocol violation” is the corrupt or missing headers in the request.
When IIS receives a request, it checks if headers are complete. If there is an issue with headers, it may reject the request and throw an exception.
Based on my experience, the change in the requests and responses are made by mostly network devices in between the client and IIS server.
Solution for “The server committed a protocol violation” error
Review the flow of the traffic. If the flow is similar to the one below, try to bypass network devices one by one and see if the application works.
User -> Load Balancer 1 -> API consumer application -> Middle-ware -> Load Balancer 2 -> Web Service -> Database
In my case, the application worked without issues when we bypassed Load Balancer 2. We also performed a test by replacing it with another load balancer. It also worked. These tests showed that there is an issue with the load balancer.
Workarounds on IIS side
There are ways for IIS to ignore corrupted/missing headers. However, these are workarounds/patches. They don’t solve the root cause which is -possibly- caused by a network device.
I am listing these workaround below but I don’t recommend implementing them in most scenarios as they may cause unforeseen issues in the future.
- Set UseUnsafeHeaderParsing value to “true” in web.config. This will ignore the header validation errors.
<system.net> <settings> <httpWebRequest useUnsafeHeaderParsing="true" /> </settings> </system.net>
- Set KeepAlive to “false”. This will prevent keeping the connection open which is mentioned to solve the violation error in many resources
<configuration> <system.webServer> <httpProtocol allowKeepAlive="false" /> </system.webServer> </configuration>
- Set Expect100Continue to “true”. This will ensure that the client doesn’t send the entire data before getting confirmation from the server about request headers
<system.net> <settings> <servicePointManager expect100Continue="false"/> </settings> </system.net>
Another issue I came across with network devices is that extreme health probe requests which flooded IIS logs. Here are the details: IIS receives too many requests from the user-agent Edge+Health+Probe