是否有实际的HTTP头长度的限制？ [英] Is there a practical HTTP Header length limit?

问题描述

我有一个Web应用程序，使用添加上下文信息，以 XmlHtt prequest 对象 setRequestHeader API。我使用的是自定义标题名称（例如，x-美孚）和 JSON 结构化的价值。这不是URL查询字符串或POST身体的一部分，因为它是关于请求的元信息。

I have a web application that adds contextual information to XmlHttpRequest objects using the setRequestHeader API. I am using a custom header name (e.g. X-Foo) and a JSON structured value. It isn't part of the URL QueryString or POST body because it is meta information about the request.

是否有实际大小限制头价值？如果我的JSON被截断，它成为不可解析。我最关心的是Apache 2中，Tomcat的6和IIS 7我做了谷歌搜索 HTTP头长度限制，但许多结果似乎过时的限制。有在一些相关的意见有多大可以用户代理字符串获取？但不具体，我想。

Is there a practical size limit to the header value? If my JSON gets truncated, it becomes unparseable. I am most concerned with limits in Apache 2, Tomcat 6 and IIS 7. I did a Google search for http header length limit, but many of the results seem dated. There are some relevant comments in How big can a user agent string get? but not as specific as I would like.

编辑：
我只是碰到这种类似的问题跑 - 最大的HTTP标头值

推荐答案

是的，但限制是可配置和依赖于平台。例如， Tomcat的有8K的默认限制。我相信，IIS 6，不知道IIS 7，有16K的限制。我使用集成Windows身份验证几个网站时遇到了这一点。原来我的安全令牌是太大EN codeD插入头部时。幸运的是，这些是可配置的。 IIS的注册表设置可以在 http://support.microsoft.com/kb/820129 被发现。我相信键设置更改为MaxFieldLength（每个标题的大小）和MaxRequestBytes（请求的总大小）。

Yes, but the limits are configurable and dependent on platform. For example, Tomcat has a default limit of 8K. I believe that IIS 6, not sure about IIS 7, has a limit of 16K. I ran into this when using integrated windows authentication for several web sites. Turns out my security token was too large when encoded into the header. Fortunately, these are configurable. Registry settings for IIS can be found at http://support.microsoft.com/kb/820129. I believe the key settings to change are MaxFieldLength (per header size) and MaxRequestBytes (total size of request).

这篇关于是否有实际的HTTP头长度的限制？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！