Start of Content Area

Procedure documentation Limiting the Length of the Request Body  Locate the document in its SAP Library structure

Use

To protect your system from malicious denial-of-service attacks, you can set a limit on the request body length that can be accepted by the HTTP Provider Service on the Java dispatcher. The system controls this limit by inspecting the Content-Lengthheader of the request or monitoring the chunked request body (in case chunked encoding is applied to the message). If the value of the Content-Lengthheader exceeds the maximum request body length, then the HTTP Provider Service will reject the request with a 413 “Request Entity Too Large” error response.

You can limit the length of the request body using the MaxRequestContentLength property of the HTTP Provider Service running on the Java dispatcher. By default, the maximum permitted value is 131072 KB (or 128MB).

Procedure

You can configure the MaxRequestContentLength property using the Visual Administrator tool. Proceed as follows:

...

       1.      Go to the Properties tab of the HTTP Provider Service running on the dispatcher.

       2.      Choose MaxRequestContentLength property and enter a value in the Value field. The length is specified in KB.

       3.      Choose Update to add it to the list of properties.

       4.      To apply these changes, choose This graphic is explained in the accompanying text (Save Properties).

 

End of Content Area