F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

mjb109's avatar
mjb109
Icon for Nimbostratus rankNimbostratus
Dec 05, 2018

PeopleSoft ASM policy and Max URI Length

Hi there ASMers. We've run into what I hope is not a unique situation. We've had a rapid deployment policy running in transparent mode sitting in front of our PeopleSoft/PeopleTools instance, and we ...
ASM Advanced WAF
security
Chris_Grant's avatar
Chris_Grant
Icon for Employee rankEmployee
Dec 07, 2018

Generally keeping your URIs under 2000 characters is considered best practice, so 2048 should be fine. Having said that, RFC7230 says:

 

Various ad hoc limitations on request-line length are found in practice. It is RECOMMENDED that all HTTP senders and recipients support, at a minimum, request-line lengths of 8000 octets.

 

Given a standard 8 bit character in utf-8 encoding, that would be 1000 characters.

 

As a matter of course, if your site is requiring longer URIs and this is not in error, I would find out from the webmaster what the longest URI he would expect is and set the value to that. This is also a good opportunity to find out if this is in fact an error, and if so get it fixed.