34 lines
1.1 KiB
Markdown
34 lines
1.1 KiB
Markdown
## Throttle concurrent requests per session
|
|
|
|
### Scope
|
|
Edge
|
|
|
|
### Version Introduced
|
|
4.7
|
|
|
|
### Source Analyzer Status
|
|
NotPlanned
|
|
|
|
### Change Description
|
|
In the .NET Framework 4.6.2 and earlier, ASP.NET executes requests with the same Sessionid sequentially, and ASP.NET always issues the Sessionid through cookie by default. If a page takes a long time to respond, it will significantly degrade server performance just by pressing F5 on the browser. In the fix, we added a counter to track the queued requests and terminate the requests when they exceed a specified limit. The default value is 50. If the the limit is reached, a warning will be logged in the event log, and an HTTP 500 response may be recorded in the IIS log.
|
|
|
|
- [x] Quirked
|
|
- [ ] Build-time break
|
|
|
|
### Recommended Action
|
|
To restore the old behavior, you can add the following setting to your web.config file to opt out of the new behavior.
|
|
|
|
```xml
|
|
<appSettings>
|
|
<add key="aspnet:RequestQueueLimitPerSession" value="2147483647"/>
|
|
</appSettings>
|
|
```
|
|
|
|
### Affected APIs
|
|
* Not detectable via API analysis
|
|
|
|
### Category
|
|
ASP.NET
|
|
|
|
<!-- breaking change id: 169 -->
|