- From: Lou Montulli <montulli@mozilla.com>
- Date: Fri, 09 Feb 1996 14:37:21 -0800
- To: Henrik Frystyk Nielsen <frystyk@w3.org>
- Cc: Neil Katin <katin@amorphous.com>, NED@innosoft.com, fielding@avron.ICS.UCI.EDU, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Henrik Frystyk Nielsen wrote:
> The problem is more that many implementations use static buffers of, let's say
> 1024 bytes for reading the HTTP request line. If the request line is longer
> than the buffer then the application dies or is open for security attacks.
> This was the case with a version of the NCSA server and also a version of the
> Netscape client, I believe.
The problem you are probably refering to, only occured with
really long hostnames. The size of the URL (hostname excluded) is
theoretically infinate.
:lou
--
Lou Montulli http://www.netscape.com/people/montulli/
Netscape Communications Corp.
Received on Friday, 9 February 1996 14:40:48 UTC