HTTP error 406 with .NET Framework 3.0

I got a couple of cases about this problem recently… Imagine this scenario: you install the .NET Framework 3.0 on your client, and then browse an ASP.NET based web site; you get a 406 HTTP return code from the web server, which means “Client browser does not accept the MIME type of the requested page” (see IIS status codes). Uninstalling the .NET Framework 3.0 corrects the problem, and you’re finally able to successfully browse the site.

The problem proved itself in two different ways and apparently for two different reasons, but the underlying cause was actually the same. The 406 return code also means that any of the configuration limits has been reached, and digging into IIS logs we found that the problem was actually due to the length of the “Accept” header which has a limit of 256 bytes. Installing the .NET Framework 3.0 you receive support for a few additional file formats, here is how it looks the Accept header on Windows Vista (where the .NET Framework 3.0 is preinstalled):

Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-ms-application,
application/, application/xaml+xml, application/x-ms-xbap, application/,
application/, application/msword, application/x-shockwave-flash, */*

In this case there was a custom ISAPI extension which was actually filtering the incoming headers, and was blocking our request because it exceeded the configured length: to resolve the problem the customer simply increased the size limit configured within that specific ISAPI to let the requests to through. Anyway another solution was to reduce the number of Accept types, just the standard ones.

The second customer was using a third party web server which we then discovered was able to accept a relatively short User-Agent string; the customer did not have any “power” on the web server to reconfigure it, so we only possibility left was reduce the header as much as possible on the client. The nice thing is that the User-Agent string is stored in a couple of registry key and even if that’s not an ideal solution it was the only possibility we had, we decided to manually tweak those values; the first we looked at was HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform. On the right side you have a list of strings added to the User-Agent string which will be appended after the platform string (as the Post Platform name suggests); in case you need to add a custom string before the platform string, you can add a Pre Platform key. Just in case you’re curious (or you’re really desperate trying to reduce your User-Agent as much as possible) the platform part of the string is stored in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings > User Agent. For further infos have a look at Understanding User-Agent strings and Internet Explorer 7 User-Agent string.

If you need to tweak the User-Agent string be very careful and test it closely before deploying into production, since you might break client-side scripts which needs to identify the specific browser or platform version you’re using; ASP.NET also relies on the User-Agent string to identify the browser and produce markup compliant with that specific platform (does it support javascript? embedding videos? is a mobile browser? does it support CSS? etc…). See Determining Browser Capabilities in ASP.NET and Control adapters.


Quote of the day:
Your manuscript is both good and original, but the part that is good is not original and the part that is original is not good. – Samuel Johnson

Comments (2)

  1. EricLaw [MSFT] says:

    Great post, thanks!  We’ve seen this manifested on a few other servers as well, and the IE team has contacted a number of vendors to get products updated to handle longer Accept and User-Agent headers.