Restrictions and solutions on the amount of data carried by Get requests, descriptions of Post requests, and getpost

Restrictions and solutions on the amount of data carried by Get requests, descriptions of Post requests, and getpost
1. Restrictions on the amount of data carried by Get requests and Solutions

The size and length of the data submitted by the Http Get method are not limited. The HTTP protocol specification does not limit the URL length. This restriction is imposed by specific browsers and servers.

The first online problem to be handled by a new company is a product page. If access fails on a certain machine, nginx Returns Error 400, but no problem occurs on other machines, that is, using a virtual machine to reconstruct the hardware and software environment of the faulty machine will not cause any problems.

After packet capture on the http request of the faulty machine, it is found that the URL is too long and the cookie is large. Then the problem is very clear, because most people use the IE browser, and the IE browser limits the URL length, after automatic truncation, the total http header does not exceed the nginx limit and can be returned normally. The same browser does not limit the URL length, but the cookie length is short, it does not cause a 400 error if it does not exceed the nginx header Buffer range limit.

The solution is to modify the application servers used by nginx and tomcat to support larger header buffers. Of course, in terms of compatibility, the fundamental solution is not to pass too long parameters through the GET method.

=========================== The restrictions and handling methods of various browsers listed below ==================== ==================

Appendix: URL length restrictions for various browsers (unit: number of characters)
IE: 2083
Firefox: 1, 65536
Chrome: 1, 8182
Safari: 80000
Opera: 1, 190000

 

Appendix: URL length restrictions for each Web Server (unit: number of characters)

Apache (Server)

The maximum length of a url is 8,192 characters.

Microsoft Internet Information Server (IIS)

The maximum allowed url length is 16,384 characters.

We can see from the above data that, in order to allow all users to browse normally, the URL should not exceed the maximum length limit of IE (2083 characters). Of course, if the URL is not directly provided to the user, instead, it is provided to the program for calling. The length is only affected by the Web server.

NOTE: For the transmission of Chinese characters, the URL encoding format will be passed. If the browser code is UTF8, the final length of a Chinese character is 9 characters.

Therefore, if you use the GET method, the maximum length is equal to the maximum length of the URL minus the number of characters in the actual path.

Appendix: Maximum number of cookies allowed by browsers in domains
IE: 20, and then 50
Firefox: 50
Opera: 30
Chrome: 180
Safari: Unlimited


Appendix: Maximum length of each Cookie allowed by the browser
 
Firefox and Safari: 4079 bytes
Opera: 4096 bytes
IE: 4095 bytes


Appendix: Set header parameters for each application server

Nginx: client_header_buffer_size and large_client_header_buffers
Tomcat: maxHttpHeaderSize Tomcat get Request Length settings:
<Connector port = "8080" maxHttpHeaderSize = "65536" 2. POST request length limit

Theoretically, there is no size limit for POST. The HTTP protocol specification does not limit the size of the server, which limits the processing capability of the server's processing program.

For example, remove the POST size limit under Tomcat (Tomcat defaults to 2 MB );

Open the conf directory under the tomcat directory, open the server. xml file, and modify

<Connector

Debug = "0"

AcceptCount = "100"

ConnectionTimeout = "20000"

DisableUploadTimeout = "true"

Port = "8080"

RedirectPort = "8443"

EnableLookups = "false"

MinSpareThreads = "25"

MaxSpareThreads = "75"

MaxThreads = "150"

MaxPostSize = "0"

URIEncoding = "GBK"

>

</Connector>

Add the red font section maxPostSize = "0" (set to 0 to cancel the size limit of POST)