Mysterious System.Threading.ThreadAbortException thrown in .aspx web page

I have an ASP.NET web application that has been throwing the exception:

A first chance exception of type ‘System.Threading.ThreadAbortException’ occurred in mscorlib.dll
An exception of type ‘System.Threading.ThreadAbortException’ occurred in mscorlib.dll but was not handled in user code

I’ve ignored it for months since it didn’t seem to have any negative affect on the web application – not to mention, I’ve been too lazy to figure out what was causing the exception. Until today…

After a few minutes of troubleshooting I determined that the ThreadAbortException was being thrown at a line of code that was calling the Response.Redirect() method.

Here’s an example of my code that was throwing…

        //On the Sign In button's Click event, call the business layer to authenticate a username and password
        protected void btnSignIn_Click(object sender, EventArgs e)
        {
            //If the user was authenticated, redirect the user to the home page. Otherwise, stay on the Sign In page and show an error.
            if (BAL.User.AuthenticateUser(this.txtUsername.Text, this.txtPassword.Text))
                Response.Redirect("~/default.aspx");
            else
                this.ShowFailedAuthenticationMessage();
        }

The specific line that was throwing was the call to the Response.Redirect(“~/default.aspx”) method.

The Response.Redirect() method has two overloads:

  1. Redirect(string url)
  2. Redirect(string url, bool endResponse)

It turns out that the second overload is pretty important and is certainly worth knowing about. Per Microsoft:

When you use this method in a page handler to terminate a request for one page and start a new request for another page, set endResponse to false and then call the CompleteRequest() method. If you specify true for the endResponse parameter, this method calls the End method for the original request, which throws a ThreadAbortException exception when it completes. This exception has a detrimental effect on Web application performance, which is why passing false for the endResponse parameter is recommended. For more information, see the End method.

ref: http://msdn.microsoft.com/en-us/library/a8wa7sdt(v=VS.100).aspx

Specifying “false” for the “endResponse” parameter did, in fact, resolve the exception that I was getting. The updated code:

        //On the Sign In button's Click event, call the business layer to authenticate a username and password
        protected void btnSignIn_Click(object sender, EventArgs e)
        {
            //If the user was authenticated, redirect the user to the home page. Otherwise, stay on the Sign In page and show an error.
            if (BAL.User.AuthenticateUser(this.txtUsername.Text, this.txtPassword.Text))
                Response.Redirect("~/default.aspx", false);
            else
                this.ShowFailedAuthenticationMessage();
        }

The cause of the exception error per Microsoft:

The Response.End method ends the page execution and shifts the execution to the Application_EndRequest event in the application’s event pipeline. The line of code that follows Response.End is not executed.

This problem occurs in the Response.Redirect and Server.Transfer methods because both methods call Response.End internally.

ref:http://support.microsoft.com/default.aspx?scid=kb;en-us;312629

It’s worth noting that specifying “false” value for the endResponse param is not the same as calling the return(); statement of the method. Unlike the return statement that will immediately exit the current method when called, any code that exists after the Response.Redirect(“~/default.aspx”, false); call will still be executed.

Although the exception error has been resolved, I’m now curious about the Microsoft remark “set endResponse to false and then call the CompleteRequest() method.“. What’s up with that?

Also, a similar function to Response.Redirect() is the Server.Transfer() method. Understanding the differences and similarities between the two redirect’s is worth the read.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s