tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Deacon Marcus" <deacon_mar...@wwtech.pl>
Subject RE: Maximum url length
Date Tue, 05 Feb 2002 19:12:03 GMT
Hi,
It's not a good idea. Try changing GET to POST. In case you don't know -
request uris are often cached, logged, etc, so sending any data, especially
passwords in them is a suicide or worse.

http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.2.1
"The HTTP protocol does not place any a priori limit on the length of a URI.
Servers MUST be able to handle the URI of any resource they serve, and
SHOULD be able to handle URIs of unbounded length if they provide GET-based
forms that could generate such URIs. A server SHOULD return 414 (Request-URI
Too Long) status if a URI is longer than the server can handle (see section
10.4.15).

      Note: Servers ought to be cautious about depending on URI lengths
      above 255 bytes, because some older client or proxy
      implementations might not properly support these lengths."

Greetings, deacon Marcus

> -----Original Message-----
> From: karkoma [mailto:abambala@genasys.es]
> Sent: Tuesday, February 05, 2002 7:48 PM
> To: Tomcat Users List
> Subject: Maximum url length
>
>
> Hi...
>
> I'm trying to send a long uri to Tomcat 3.3 but it complains with
> error code
> 414, (414 Request-URI Too Long). However Apache can handle the same url.
>
> Is there a way to tell Tomcat to admit long uris / urls??
> Something like this
>
>  lynx -dump
> "localhost:8080/ABC/myservlet?request=%3C%3Fxml+version%3D%221.0%2
> 2+encoding%3D%22UTF-8%22%3F%3E%0D%0A%3CGPPR%3E%0D%0A%09%3CFUNCION+
type%3D%22UPDATE%22%3EcreateUser%3C%2FFUNCION%3E%0D%0A%09%>
3CAUTENTIFICATION%3E%0D%0A%09%09%3CCLIENT%3Ecesar%3C%2FCLIENT%3E%0
> D%0A%09%09%3CCLI_PASSWD%3Ecesar%3C%2FCLI_PASSWD%3E%0D%0A%09%09%3CU
SER_LOGIN%3Ecesar%3C%2FUSER_LOGIN%3E%0D%0A%09%09%3CUSER_PASSWD%3Ecesar%>
3C%2FUSER_PASSWD%3E%0D%0A%09%3C%2FAUTENTIFICATION%3E%0D%0A%09%3CPA
> RAMETERS+identype%3D%22MSISDN%22%3E%0D%0A%09%09%3CATTRIBUTE+name%3
> D%22USER%22+param%3D%22Y%22%3E%0D%0A%09%09%09%3COBJECT%3E%0D%0A%09
> %09%09%09%3CCLASS%3EUSER%3C%2FCLASS%3E%0D%0A%09%09%09%09%3CCONTENT
> S%3E%0D%0A%09%09%09%09%09%3CATTRIBUTE+name%3D%22TIMEOUTVALIDATE%22
> %3E%0D%0A%09%09%09%09%09%09%3CINT+val%3D%220%22%2F%3E%0D%0A%09%09%
> 09%09%09%3C%2FATTRIBUTE%3E%0D%0A%09%09%09%09%09%3CATTRIBUTE+name%3
> D%22MASTERLOC%22%3E%0D%0A%09%09%09%09%09%09%3CCHAR+val%3D%22N%22%2
> F%3E%0D%0A%09%09%09%09%09%3C%2FATTRIBUTE%3E%0D%0A%09%09%09%09%09%3CATT!
> RIBUTE+name%3D%22PUBLIC%22%3E%0D%0A%09%09%09%09%09%09%3CCHAR+val%3
> D%22N%22%2F%3E%0D%0A%09%09%09%09%09%3C%2FATTRIBUTE%3E%0D%0A%09%09%
> 09%09%09%3CATTRIBUTE+name%3D%22NAME%22%3E%0D%0A%09%09%09%09%09%09%
> 3CSTRING+val%3D%22UserTest%22%2F%3E%0D%0A%09%09%09%09%09%3C%2FATTR
IBUTE%3E%0D%0A%09%09%09%09%09%3CATTRIBUTE+name%3D%22MSISDN%22%3E%0D%0A%>
09%09%09%09%09%09%3CSTRING+val%3D%2234686966458%22%2F%3E%0D%0A%09%
> 09%09%09%09%3C%2FATTRIBUTE%3E%0D%0A%09%09%09%09%09%3CATTRIBUTE+nam
> e%3D%22USERDATA%22%3E%0D%0A%09%09%09%09%09%09%3CSTRING+val%3D%22Da
tos+de+Utest%22%2F%3E%0D%0A%09%09%09%09%09%3C%2FATTRIBUTE%3E%0D%0A%09%>
09%09%09%09%3CATTRIBUTE+name%3D%22IDPROFILE%22%3E%0D%0A%09%09%09%0
> 9%09%09%3CINT+val%3D%221%22%2F%3E%0D%0A%09%09%09%09%09%3C%2FATTRIB
UTE%3E%0D%0A%09%09%09%09%09%3CATTRIBUTE+name%3D%22VALIDATED%22%3E%0D%>
0A%09%09%09%09%09%09%3CCHAR+val%3D%22Y%22%2F%3E%0D%0A%09%09%09%09%
> 09%3C%2FATTRIBUTE%3E%0D%0A%09%09%09%09%09%3CATTRIBUTE+name%3D%22DA
TEINS%22%3E%0D%0A%09%09%09%09%09%09%3CSTRING+val%3D%22%!
> 22%2F%3E%0D%0A%09%09%09%09%09%3C%2FATTRIBUTE%3E%0D%0A%09%09%09%09%
> 3C%2FCONTENTS%3E%0D%0A%09%09%09%3C%2FOBJECT%3E%0D%0A%09%09%3C%2FAT
TRIBUTE%3E%0D%0A%09%3C%2FPARAMETERS%3E%0D%0A%3C%2FGPPR%3E%0D%0A"
>
> Thanx.
> Alberto
>
> --
> To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
> Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
>
>


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message