You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2005/09/20 21:29:23 UTC
DO NOT REPLY [Bug 36742] New: -
Missing diagnostics in InternalInputBuffer on overly long headers
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=36742>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=36742
Summary: Missing diagnostics in InternalInputBuffer on overly
long headers
Product: Tomcat 5
Version: 5.0.28
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P5
Component: Connector:HTTP
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: greg-apache-bugs@nest.cx
Currently, if a request comes in with a header longer than
maxHttpHeaderSize, Tomcat drops the connection and does not log
anything.
Here is what it looks like from client point of view with the default
maxHttpHeaderSize of 4K.
Overly long header:
% curl -H "$(perl -e 'print q{X: }, q{a}x10000')" http://tomcat/admin/
curl: (52) Empty reply from server
I am adding a small diagnostic message to catch such cases (patch
attached).
With that patch in place we get a nice message in the logs and we can
grep and see how often we hit the limit:
jvm 1 | Sep 15, 2005 6:51:45 PM org.apache.coyote.http11.InternalInputBuffer fill
jvm 1 | INFO: Request header is too large
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org