About http header

http header length limit

RFC does not define but servers in practice have.

Apache: 8K
nginx: 4K - 8K
IIS: (varies by version): 8K - 16K
Tomcat (varies by version): 8K - 48K

SPNEGO authentication headers can be up to 12392 bytes. refer (http://httpd.apache.org/docs/2.4/mod/core.html#limitrequestfieldsize)

refer http-request-header-size-limits

http header fields size limit

Apache has.

LimitRequestFields default to 100

if we have 1Kb buffer size , minus meta line end headers end, 1024 - 4 = 1020, each header at least 3 bytes + line end, 1020 / 5, will able have 204 fields in theory.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

About http header

http header length limit

http header fields size limit

Clone this wiki locally