Request-URI Too Long from mongrel-unicorn

Lawrence Pit lawrence.pit at gmail.com
Wed Apr 11 23:43:03 UTC 2012


Hi Eric & All,

> DEF_MAX_LENGTH(REQUEST_URI, 1024 * 12);
> DEF_MAX_LENGTH(FRAGMENT, 1024); /* Don't know if this length is specified somewhere or not */
> DEF_MAX_LENGTH(REQUEST_PATH, 1024);
> DEF_MAX_LENGTH(QUERY_STRING, (1024 * 10));
> 
> I will consider upping REQUEST_PATH to 4096 (and REQUEST_URI to 15K)
> since 4096 is a common filesystem PATH_MAX on modern systems.

IE browsers up to and including IEv8 have a max URL length of 2,083 characters : http://support.microsoft.com/kb/208427. 

IE9 seems to allow up to 5K last time I checked.

There may be other clients (ruby http clients, bots, traffic analysers, database clients with limited column spaces to hold URLs, etc.) that can't handle long URLs if you take it too far. So practically it's advisable to keep your URLs within limits.

Having said that, the HTTP/1.1 spec state that servers SHOULD be able to handle URIs of unbounded length. So yes, unicorn should allow this if one chooses.

> Given we already allow huge headers and
> Ruby uses quite a bit of memory, I don't think a potential extra 3K
> will negatively impact anybody.

Should there be a limit at all in unicorn? Should it not be assumed this is configured at the webserver level, like:

http://wiki.nginx.org/NginxHttpCoreModule#large_client_header_buffers

nginx currently uses a default of 4 buffers of 8K. (i.e. a path_max of 8K)

The webserver takes care of bombing out with a 414 before it even reaches unicorn. If traffic does reach unicorn then unicorn should be able to handle whatever length it's given.

PS. I'm fine with 4096 as well of course, I keep to the 2K limit anyways ;-)

Cheers,
Lawrence



More information about the mongrel-unicorn mailing list