|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Gregory Steuck (greg_at_nest.cx)
Date: Wed Jul 10 2002 - 16:18:03 CDT
>>>>> "Sanjay" == Sanjay Venkat <Venkat> writes:
Sanjay> 2. The GET method has a limitation on the size of the data
Sanjay> that can be sent. Though some webservers have buffers to
Sanjay> deal with data larger than the recommended 4KB, some
Sanjay> web/appservers buffers will overflow. (This has been a DoS
Sanjay> expliot in the past)
Could somebody please refer me to a standards document stating just that?
I was looking for such limits recently and here's what I found:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.2.1
--- The HTTP protocol does not place any a priori limit on the length of a URI. Servers MUST be able to handle the URI of any resource they serve, and SHOULD be able to handle URIs of unbounded length if they provide GET-based forms that could generate such URIs. A server SHOULD return 414 (Request-URI Too Long) status if a URI is longer than the server can handle (see section 10.4.15). ---
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]