OSDir


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [users@httpd] Large authorization header returning error 400


Hi,
These settings are set globaly, however they are defined after the Vhost is included.
Could it be the origin of the problem?

Thanks




De : William A Rowe Jr <wrowe@xxxxxxxxxxxxx>
Envoyé : mercredi 29 août 2018 18:08
À : users@xxxxxxxxxxxxxxxx
Objet : Re: [users@httpd] Large authorization header returning error 400
   



On Wed, Aug 29, 2018 at 3:12 AM, Audebert Bernard  <bernard.audebert@xxxxxx> wrote:

The request work fine with Authorization header line of up to at least 5674 bytes but break with Authorization header of more than 6178 bytes with the following answer :

Here is an excert of the server-info page we have activated to ensure that the LimitRequestFieldSize was high enough (curently set at ~40k)


    129: LimitRequestBody 52428800
    130: LimitRequestFields 50
    131: LimitRequestFieldsize 40960
    132: LimitRequestLine 40960



These settings are global? Or did you restrict them to a named vhost? You don't give enough context here.


It is too late to limit them in a vhost, because the limits are applied during the reading of the request from network, before the host (other than first-physical ip:port host) has been deciphered.


Move these to the global config and it should be fine.       

Attachment: Outlook-1515063290.png
Description: Outlook-1515063290.png

Attachment: Outlook-1515063297.png
Description: Outlook-1515063297.png

Attachment: Outlook-1515063312.png
Description: Outlook-1515063312.png

Attachment: Outlook-1515063325.png
Description: Outlook-1515063325.png

Attachment: Outlook-1515063331.png
Description: Outlook-1515063331.png

Attachment: Outlook-1515063344.png
Description: Outlook-1515063344.png

Attachment: Outlook-1515063290.png
Description: Outlook-1515063290.png

Attachment: Outlook-1515063297.png
Description: Outlook-1515063297.png

Attachment: Outlook-1515063312.png
Description: Outlook-1515063312.png

Attachment: Outlook-1515063325.png
Description: Outlook-1515063325.png

Attachment: Outlook-1515063331.png
Description: Outlook-1515063331.png

Attachment: Outlook-1515063344.png
Description: Outlook-1515063344.png

Attachment: Outlook-1515063290.png
Description: Outlook-1515063290.png

Attachment: Outlook-1515063297.png
Description: Outlook-1515063297.png

Attachment: Outlook-1515063312.png
Description: Outlook-1515063312.png

Attachment: Outlook-1515063325.png
Description: Outlook-1515063325.png

Attachment: Outlook-1515063331.png
Description: Outlook-1515063331.png

Attachment: Outlook-1515063344.png
Description: Outlook-1515063344.png

Attachment: Outlook-1515063290.png
Description: Outlook-1515063290.png

Attachment: Outlook-1515063297.png
Description: Outlook-1515063297.png

Attachment: Outlook-1515063312.png
Description: Outlook-1515063312.png

Attachment: Outlook-1515063325.png
Description: Outlook-1515063325.png

Attachment: Outlook-1515063331.png
Description: Outlook-1515063331.png

Attachment: Outlook-1515063344.png
Description: Outlook-1515063344.png

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx