Thanks Mark for the update. Seems like there is a potential bug in our client components which happened to keep on adding to existing header list.
https://tomcat.apache.org/tomcat-8.5-doc/config/http.html From the documentation: maxHttpHeaderSize :The maximum size of the request and response HTTP header, specified in bytes. If not specified, this attribute is set to 8192 (8 KB). Although some online searches (e.g. https://serverfault.com/questions/56691/whats-the-maximum-url-length-in-tomcat) suggest that this maxHttpHeaderSize applies to request line as well, could the documentation be made more elaborate? Can we mention that this attribute puts the upper bound on combined size of all request headers and the request line? Thanks, Amit On 11/3/18, 4:39 AM, "Mark Thomas" <ma...@apache.org> wrote: On 03/11/2018 01:35, Amit Pande wrote: > Thanks Chris. Yes, I will soon send out the patch for review. Logically, I can see some hurdles for such a patch that are going to be difficult to overcome. Tomcat will process all of the received data up to the limit. It is on the subsequent read to get more data that the exception is thrown. The issue is how to determine which header is actually the problem as it may not be the one currently being read. Consider the following: ReqLine - 1024 bytes Headers - 5 * 128 bytes Header - 1 * 6*1024 bytes Headers - 5 * 128 bytes Is the problem the 6k header? The 1k request line? Has the client duplicated the block of 5 128 byte headers? Or is the request valid and Tomcat's limit too low? There is no way for Tomcat to determine where the root cause lies. The only reliable way to figure out what went wrong is for a knowledgeable system admin to look at the complete set of headers. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
