tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Slawek Zachcial <>
Subject header value too long - 400 error - is that good?
Date Sat, 09 Feb 2002 11:44:52 GMT

I have the following problem. I think it's more for
Tomcat developers than for users so I'm posting it

Let's say you have three servers (not Tomcat :-).,, Each of
these servers sets a very long permanent cookie on
client's machine. The client uses all three servers.
Now, let's say you have your great app running on

Finally let's say the cookie domain for devX is set to

So all the cookies (from devX) are sent back to your
tomcat app when you try to access its pages. 

In that case tomcat generates HTTP 400. I checked in
the source code and it seems that the header value
size limit is set to 4K.

The bottom line is that some other web applications
may prevent your app users to access your tomcat app.
I had that experience :-(((.

Maybe the "400 error" behaviour should be slightly
modified. Instead of sending this error maybe only 4K
should be read from header value? But I guess there
may be some other concerns behind the scene (ex.


Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message