DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17178>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17178 if user-agent sends cookies that add up more than 4K SocketInputStream throws an exception Summary: if user-agent sends cookies that add up more than 4K SocketInputStream throws an exception Product: Tomcat 4 Version: 4.1.20 Platform: All OS/Version: All Status: NEW Severity: Normal Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] The SocketInputStream class reads HTTP headers up to a maximum of 4096 bytes (HttpHeader.MAX_VALUE_SIZE), after that it fails logging the exception in catalina's log. I assume they hardcoded this limit assuming the maximum length of a single Cookie (4K). However, browsers append cookies into a single Cookies header separating the cookies with ';'. If you have 2 cookies going with the same request and adding up more than 4K, then the request fails. Offending code [SocketInputStream, line 461]: if ((2 * maxRead) <= HttpHeader.MAX_VALUE_SIZE) { As browsers are recommended to support at least 20 cookies to a single web site of 4K each, the value of the HttpHeader.MAX_VALUE_SIZE should be 20 bigger. [This applies to all 4.x versions] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]