Show TOC Start of Content Area

Procedure documentation Limiting the Length of the Requests Headers  Locate the document in its SAP Library structure

Use

For security reasons, you can set the maximum length of the headers part of HTTP requests that can be received by the HTTP Provider Service. Thus, you can prevent denial-of-service attacks by requests with huge headers.

The limit is determined by the value of the MaxRequestHeadersLength property of the HTTP Provider Service running on the Java dispatcher. By default, it is 16384 bytes. If the request headers exceed the value of this property, HTTP Provider Service returns message with response code 413 “Request Entity Too Large”.

Procedure

You can set the maximum length of the HTTP headers using the Visual Administrator tool as follows:

...

       1.      Go to the Properties tab of the HTTP Provider Service running on the dispatcher

       2.      Choose MaxRequestHeadersLength property and enter a value in the Value field. The length is specified in bytes

       3.      Choose Update to add it to the list of properties

       4.      To apply these changes, choose This graphic is explained in the accompanying text (Save Properties)

 

 

End of Content Area