I am trying to develop an ISAPI filter and/or ISAPI extension for IIS 7.5 that will drop connection if a string found in POST data being submitted ONLY to file Z.aspx, that's it.
So if request URL is for anything other than XYZ.aspx, just pass it and let the normal execution flow continue.
if POST data is bigger than 48kb, just let it go.
if POST data's first 48kb data, had specific string DROP the connection.
So I tried to do it in ISAPI filter:
Result: IIS 7.5 doesn't allow SF_NOTIFY_READ_RAW_DATA, therefore no access to POST data in ISAPI filter.
Then I decided to try ISAPI extension:
Result: ISAPI extension gets executed when specific URL and handler is requested, therefore IIS expects ISAPI extension to create the resulting HTML and pass it to browser. It does not let me:
a) Get request URL
b) If conditions are not met, simply pass the execution flow and let ASP.NET handler continue.
Please advise!