Investigating HTTP 400 Bad Request Errors in Web Access

Recently, one of our customers reported an issue with Web Access causing some users to get HTTP 400 Bad Request errors.

HTTP 400 errors usually indicate that the request sent by the browser cannot be understood by the Web server. I’d recommend that you use a HTTP debugging proxy such as Fiddler to investigate such errors to see the underlying cause.

Header Too Long

If you see a Header Too Long error in Fiddler logs, one of the common causes for this is that you have users that belong to many Active Directory groups, which increases the size of the authentication headers the browser sends to the Web Server.

Workaround

The workaround is to increase the header size limit in IIS on the machine where you have Web Access installed:

1. Open Regedit
2. Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters
3. Add a new DWORD value named MaxFieldValue
4. Enter 32768 as a decimal value
5. Add a new DWORD value named MaxRequestBytes
6. Enter 500000 as a decimal value
7. Restart the computer

This will increase the maximum accepted request sizes and should fix the HTTP 400 Bad Request – Header Too Long error.