There are two application servers and a switch. When i access application by using application server ip it works fine. However if i use switch ip in my url Bad request error throws up only for firefox and chrome for a few links only.
41
votes
What kind of "switch" do you use? It might be your load balancer tampers with the request data and forwards it in a way your app server does not understand. Illegal UTF-8 or truncated headers are likely candidates...
– da maddin
Maybe you are using some special characters that causes this error.
– Sasi varna kumar
@Sasivarnakumar i also had the same problem and your notice helped me then i can answer... thank you . i just remove the space and tabs in my header
– saber tabatabaee yazdi
We had this on a Windows Server with IIS where the SAML request sent to the server was too large, because some users were members of more than 300 Windows groups. These were all sent in the SAML request which resulted in a too large request size.
– Uwe Keim
13 Answers
44
votes
Here is a detailed explanation & solution for this problem from ibm.
Problem(Abstract)
Request to HTTP Server fails with Response code 400.
Symptom
Response from the browser could be shown like this:
Bad Request Your browser sent a request that this server could not understand. Size of a request header field exceeds server limit.
HTTP Server Error.log shows the following message: "request failed: error reading the headers"
Cause
This is normally caused by having a very large Cookie, so a request header field exceeded the limit set for Web Server.
Diagnosing the problem
To assist with diagnose of the problem you can add the following to the LogFormat directive in the httpd.conf: error-note: %{error-notes}n
Resolving the problem
For server side: Increase the value for the directive LimitRequestFieldSize in the httpd.conf: LimitRequestFieldSize 12288 or 16384 For How to set the LimitRequestFieldSize, check Increase the value of LimitRequestFieldSize in Apache
For client side: Clear the cache of your web browser should be fine.
26
votes
If you use Apache httpd web server in version above 2.2.15-60, then it could be also because of underscore _ in hostname.
https://ma.ttias.be/apache-httpd-2-2-15-60-underscores-hostnames-now-blocked/
6
votes
3
votes
Make sure you url encode all of the query params in your url.
In my case there was a space ' ' in my url, and I was making an API call using curl, and my api server was giving this error.
Means the following url
http://somedomain.com?key=some value with space
should be
http://somedomain.com/?key=some%20value%20with%20space
2
votes
2
votes
I'm a bit late to the party, but bumped in to this issue whilst working with the openidc auth module.
I ended up noticing that cookies were not being cleared properly, and I had at least 10 mod_auth_openidc_state_... cookies, all of which would be sent by my browser whenever I made a request.
If this sounds familiar to you, double check your cookies!
1
votes
1
votes
In my case is a cookie-related issue, I had many cookies with value extremely big, and that was causing the problem.
You can replicate this issue here on stackoverflow.com, just open the console and type this:
[ ...Array(5) ].forEach((i, idx) => {
document.cookie = `stackoverflow_cookie${idx}=${'a'.repeat(4000)}`;
});
What is that?
I am creating 5 cookies with a string of length or value of 4000 bytes; then reload the page and you will see the same issue.
I tried it on google.com and you'll get the error but they automatically clear the cookies for you, which is a nice fallback to start fresh.
0
votes
in my magento2 website ,show exactly the same error when click a product,
my solution is to go to edit the value of Search Engine Optimization - URL Key of this product,
make sure that there are only alphabet,number and - in URL Key, such as 100-washed-cotton-duvet-cover-set, deleting all other special characters ,such as % .
0
votes
0
votes
0
votes
For GET Request make sure that passing parameters are url encoded. if you are using php you can use urlencode function
