HTTP protocol limits on URI length, post data length, and cookie length

Source: Internet
Author: User
HTTP protocol limits on URI length, post data length, and cookie length

1. URL length limit


In the Http1.1 protocol, there is no limit to the length of the URL, as described in the RFC protocol, the HTTP protocol does not limit the length of the URI, the server must be able to handle any of the services they provide a more acceptable URI, and be able to handle an infinite length of the URI, If the server cannot handle a long URI, then the 414 status code should be returned.
Although the HTTP protocol specifies, the Web server and browser have their own length limits for URIs.
Server restrictions: I touch the most server type is Nginx and Tomcat, for the length limit of the URL, they are controlled by the length of the HTTP request header to limit, nginx configuration parameter is large_client_header_buffers, Tomcat's request configuration parameter is maxhttpheadersize and can be set on its own.
Browser restrictions: Each browser also has a limit on the length of the URL, the following are the URL length restrictions for several common browsers: (in characters)

ie:2803

firefox:65536

chrome:8182

safari:80000

opera:190000


For GET requests, there is no limit to the number of parameters requested within the length limit of the URL.

2. Length limit for post data


The length limit of the post data is similar to the URL length limit, and there is no specified length limit in the HTTP protocol, and the length limit can be implemented in a way that configures the maximum HTTP request header length on the server side.

3. Limitations on the length of cookies


The length limit of a cookie is summed up in so many ways.
(1) The maximum number of cookies allowed by the browser for each domain, not to test themselves, the information found on the Internet is probably the case

IE: Originally 20, then upgraded to 50

Firefox:50 A

Opera:30 A

Chrome:180 A

Safari: Unlimited


Browser behavior when the number of cookies exceeds the limit: IE and opera use the LRU algorithm to erase old, infrequently used cookies, and Firefox's behavior is to randomly kick out the values of certain cookies. Of course, no matter what the strategy, try not to let the number of cookies exceed the scope allowed by the browser.
(2) Maximum length of each cookie allowed by the browser

Firefox and safari:4079 bytes

opera:4096 bytes

ie:4095 bytes


(3) The limit of the length of the HTTP request header in the server. Cookies are attached to each HTTP request header for delivery to the server and are therefore also affected by the length of the server's request header.

  • Related Article

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.