Rip's Domain

500 error in IIS7 with ColdFusion and huge form posts or coldfusion.filter.FormScope$PostParametersLimitExceededException: POST parameters

Posted in ColdFusion by rip747 on July 19, 2013

Last night I was bitten by exceeding the parameter limit on form posts with Coldfusion (9.02), here within abbreviated as ACF. Basically if you installed the 9.02 CHF 1 or installed security hotfix APSB12-06 on an earlier version of ACF, it will restrict your form post to 100 fields. Why they think this is a good security measure is beyond me, but that’s what it does

Anywho, the issue is that you OBVIOUSLY know don’t if you’re going to run into the 100 field limitation until your clients start calling you because they are receiving a 500 error. The bad part about this, is that the error happens at the IIS level so the request never even gets to ACF, hence you wouldn’t receive an error email from ACF if you had that setup (you do have ACF emailing you when errors occur, correct?)

The work around is simple though, and is described in another security hotfix (APSB12-15). Basically you open the neo-runtime.xml file, find the following line:

<var name=’postSizeLimit’><number>100.0</number></var>

and add the following right after itL

<var name=’postParametersLimit’><number>10000.0</number></var>

BTW, you can make that number whatever you want. I choose 10,000, because well, why not.

Then restart ACF and everything should be cool… right? WRONG!

Even after I did this, I still got the 500 error. After like an hour, I decide to open up the neo-runtime.xml file again and did a search for `postParametersLimit`. Guess what, not only was the line that I added in there, but there was a second instance of the line somewhere in the middle of the file. Now I didn’t put it in there, so I’m wondering if maybe it was included in the ACF 9.02 version I downloaded already. Whatever. I just removed the second instance and everything is working now.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: