This step-by-step article describes different methods to
turn off the "Show Friendly HTTP Error Messages" feature on the server.
When you access Web pages from Internet Explorer 5.x
and Internet Explorer 6.x
, the actual text of an HTTP 500 message that is sent to the
browser may be masked by an Internet Explorer "friendly" error message.
Although you can turn off this feature manually for each client, this article
also provides several server-side workarounds to inhibit the display of
"friendly" error messages.
According to the HTTP 1.1 specification,
Internet Information Services (IIS) 5.0 returns a status code of 500 for any
response that is not handled by another 1xx
, or 5xx
status code, such as "302 - Object Moved", or "404 - File not
Found". Because IIS 4.0 does not strictly follow RFC 2616, it returns Active
Server Pages (ASP)-based Microsoft Visual Basic Scripting Edition (VBScript)
errors with a status code of 200.
For more information about the
HTTP 1.1 specification, visit the following Web site:
Several frequently-seen status codes have "friendly" error
messages that Internet Explorer 5.x
displays and that effectively mask the actual text message that
the server sends. However, these "friendly" error messages are only displayed if the response that is sent to the client is less than or equal to a specified threshold. For example, to see the exact text of an HTTP 500 response, the content length must be greater than 512 bytes.
For additional information about all status codes that
display friendly error messages and the registry location for the corresponding
error threshold to override that friendly message, click the article number
below to view the article in the Microsoft Knowledge Base:
Description of Hypertext Transport Protocol Error Messages
To display the actual message that the Web server
sends, use one of the following methods.
- Turn off the friendly error message option in the browser
- In Internet Explorer 5.x and 6.x, on the Tools menu, click Internet Options.
- On the Advanced tab, under the Browsing section, click to clear the Show friendly HTTP error messages check box, and then click OK.
- Close the browser.
- Use the Internet Explorer Administration Kit or System
Policies to push the Show friendly HTTP error messages option down to clients. For more information about how to
configure the "Custom ASP Errors" feature, visit the following Microsoft Web
- Use the "Custom ASP Errors" feature in IIS 5.0 to pad the
response that the server sends with enough characters to override the friendly
error messages. To download the "Custom ASP Errors" feature, visit the
following Microsoft Web site:
- Implement this padding. To do this, use the VBScript String function to return a string of the same character, which is one
more than the ErrorThreshold that Internet Explorer 5.x uses to display the friendly error message. For example, add the
following line immediately before the </body> tag of 500-100.asp:
<% Response.Write String(513, "_") %>
- Configure the general 500 error to use Type=URL and 500-100.asp instead of Type=Default. By default, the 500 error is configured to use Type=Default.For additional information, click the article number below to
view the article in the Microsoft Knowledge Base:
NOTE: IIS internally processes some HTTP 500 responses that are sent
to the client as another HTTP status code. That internal status code is changed
to 500 before the response to the client is sent. This is the case with the ASP
Response.Status method. In these cases, the custom ASP error code is not checked
in IIS. To work around these situations, use an Internet Server Application
Programming Interface (ISAPI) filter that determines the status code that is
sent to the client after IIS processes the page.
Creating Custom ASP Error Pages
Use an ISAPI filter that forces the content length of all HTTP
500 responses to be larger than 512 bytes, effectively padding all 500
responses so that they are large enough to override the "friendly" error
setting in Internet Explorer 5.x
. Padresponse.exe is a sample ISAPI filter (and its source code)
that demonstrates how to pad the response that is sent to the client (based on
receiving an HTTP 500 status code).
The following file is available for
download from the Microsoft Download Center:
Download Padresponse.exe now
Collapse this imageExpand this image
Release Date: April
For additional information about how to download Microsoft
Support files, click the following article number to view the article in the
Microsoft Knowledge Base:
How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most
current virus-detection software that was available on the date that the file
was posted. The file is stored on security-enhanced servers that help to
prevent any unauthorized changes to the file.
For additional information, click the
article numbers below to view the articles in the Microsoft Knowledge Base:
HTTP 500 Error Displays Instead of ASP Error from 500-100.asp
HOWTO: Install an ISAPI Filter Dynamic-Link Library