Spring Boot app rejects HTTP request with total header size larger than 8 kB
search cancel

Spring Boot app rejects HTTP request with total header size larger than 8 kB

book

Article ID: 294522

calendar_today

Updated On:

Products

VMware Spring Runtime

Issue/Introduction

Your Spring Boot app rejects HTTP requests when the total header size is larger than 8 kB. The article explains why sending large sized HTTP headers to your Spring Boot app fails with the following error.  
HTTP/1.0 400 Bad request
Cache-Control: no-cache
Connection: close
Content-Type: text/html


In a Spring Boot app, the max HTTP header size is configured using:

server.max-http-header-size


It is an INT value in ServerProperties with a default value of 0. The actual default value for Tomcat and Jetty is 8 kB and the default value for Undertow is 1 MB.

When deploying your Spring Boot app, an embedded tomcat is being used as the application server. If a request is sent where the total HTTP header size is larger than 8 kB bytes, Tomcat rejects the request with a "400 Bad request" error. 


Environment

Product Version: Other

Resolution

To modify the max HTTP header size in your app configuration file:

  • application.properties format
server.max-http-header-size=20000
  • application.yml format
server:
  max-http-header-size: 20000

To modify the max HTTP header size using environment variables:
cf set-env <APP_NAME> SERVER_MAXHTTPHEADERSIZE 20000
cf restage <APP_NAME>
Powered by Wolken Software