Why is it a security concern to modify http.sys registry entries to allow web service to accept a longer query string?
I have an Http web service running on IIS. The Http service will be exposed to the public internet, but only authenticated client requests will be processed by the web service. The service allows clients to write complex queries using quer… Continue reading Why is it a security concern to modify http.sys registry entries to allow web service to accept a longer query string?