Reputation: 29874
How long is a 255-byte string in the context of HTTP requests?
I have a problem with long urls in the context of video streaming via the amazon cloudfront cdn and signedd urls on a media-box.
RFC 2068 - Hypertext Transfer Protocol -- HTTP/1.1 states:
Note: Servers should be cautious about depending on URI lengths
above 255 bytes, because some older client or proxy implementations
may not properly support these lengths.
This seems to be exactly the limitation i am running into. Because 255 character long urls work, 256 characters don't.
However I am a little confused because I thought in ASCII a character is encoded by 7 bit.
I also know that the valid characters in an URL are entirely covered by the ascii alphabet.
I do know that it is common practice to extend to an 8-bit alphabet to support more characters or use the one bit missing to one byte for error detection/correction.
My question now is:
In the context of http requests. What exactly is meant when speaking of a length of 255 bytes. How many characters and how is this number reproduceable?
Upvotes: 3
Views: 20742
Answers (3)
Reputation: 122719
255 bytes would be 255 characters here. This note is a rule of thumb. Unless you're going via a proxy, most URIs will be split in the request header (the host is generally in the Host header, not on the request line).
I think this 255-byte limit is generally obsolete with current software, although limits still exist. Internet Explorer has a 2083-character limit on URLs. I think Firefox can handle more, but that's barely relevant if you want your site to work with IE anyway.
Signatures in URLs are tricky. There are workarounds where you'd strip the signature to the bare minimum: no certificate, no signer's name. In this case, the recipient is expected to know where the signature came from, and with which public key to verify it. This is more or less the SAML HTTP Redirect binding does (around line 594). If you can't use such tricks, you may just have to use POST.
Upvotes: 3
Reputation: 42045
There is no 255-character limit in HTTP (the protocol). There maybe a limit in certain software components, though.
Also note that RFC 2068 is really ancient, the latest and greatest on this can be found here: http://greenbytes.de/tech/webdav/draft-ietf-httpbis-p1-messaging-19.html#rfc.section.3.1.1.p.10:
"Various ad-hoc limitations on request-line length are found in practice. It is RECOMMENDED that all HTTP senders and recipients support, at a minimum, request-line lengths of up to 8000 octets."
Upvotes: 1
Reputation: 99687
Ascii only uses the first 7 bits of each byte, but every character still takes up one byte.
Upvotes: 3
Related Questions
- FormUrlEncodedContent's length limitation, MS's arbitary decision or HTTP specification?
- How many bytes does one character take on a web page request?
- Maximum length of a querystring in asp.net
- maximum length of an HTTP message?
- Where does this Content-Length come from?
- What is the encoding of an HTTP request?
- What is the maximum length for a querystring?
- How to calculate the URL byte length?
- what is relation between content-length and byte ranges in HTTP/1.1?
- What's the encoding of the content of an HTTP request?