- From: Lou Montulli <montulli@mozilla.com>
- Date: Fri, 09 Feb 1996 14:37:21 -0800
- To: Henrik Frystyk Nielsen <frystyk@w3.org>
- Cc: Neil Katin <katin@amorphous.com>, NED@innosoft.com, fielding@avron.ICS.UCI.EDU, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Henrik Frystyk Nielsen wrote: > The problem is more that many implementations use static buffers of, let's say > 1024 bytes for reading the HTTP request line. If the request line is longer > than the buffer then the application dies or is open for security attacks. > This was the case with a version of the NCSA server and also a version of the > Netscape client, I believe. The problem you are probably refering to, only occured with really long hostnames. The size of the URL (hostname excluded) is theoretically infinate. :lou -- Lou Montulli http://www.netscape.com/people/montulli/ Netscape Communications Corp.
Received on Friday, 9 February 1996 14:40:48 UTC