Re: status code for header fields to big

On Thu, Jun 30, 2011 at 02:46:37PM +0200, Julian Reschke wrote:
> Hi,
> 
> I quickly ran some tests, and the results are (with what I suppose are 
> the default settings):
> 
> Apache-Coyote/1.1 (Tomcat):
> 
> Limit for a single header field: ~8000
> Limit for all fields: ~8000
> Status Code: 400
> 
> Apache/2.2.14:
> 
> Limit for a single header field: ~8180
> Limit for all fields: > 16000
> Status Code: 400
> 
> microsoft.com:
> 
> Limit for a single header field: ~16000
> Limit for all fields: ~16000
> Status Code: 400
> 
> google.com:
> 
> Limit for a single header field: ~15400
> Limit for all fields: > 15400
> Status Code: 400 (413 for the larger values)
> 
> 
> So 413 doesn't seem to be used in general for this case.
> 
> Should it? In that case we should clarify the spec...

I think we should target 413 for this. Every time I got reports
of 400 due to too large requests, it wasted several persons' time
trying to figure what was wrong. Anyway if a UA doesn't know about
413, its interpretation falls back to 400 as for any unknown 4xx.

Just my 2 cents,
Willy

Received on Thursday, 30 June 2011 13:12:05 UTC