Forum Discussion

Nimbostratus

Dec 05, 2018

PeopleSoft ASM policy and Max URI Length

Hi there ASMers. We've run into what I hope is not a unique situation. We've had a rapid deployment policy running in transparent mode sitting in front of our PeopleSoft/PeopleTools instance, and we ...

ASM Advanced WAF

security

Chris_Grant

Employee

Dec 07, 2018

Generally keeping your URIs under 2000 characters is considered best practice, so 2048 should be fine. Having said that, RFC7230 says:

Various ad hoc limitations on request-line length are found in practice. It is RECOMMENDED that all HTTP senders and recipients support, at a minimum, request-line lengths of 8000 octets.

Given a standard 8 bit character in utf-8 encoding, that would be 1000 characters.

As a matter of course, if your site is requiring longer URIs and this is not in error, I would find out from the webmaster what the longest URI he would expect is and set the value to that. This is also a good opportunity to find out if this is in fact an error, and if so get it fixed.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)