[Fwd: Possible bug with set-cookie]

Igor Sysoev is at rambler-co.ru
Wed Oct 17 12:47:02 MSD 2007

On Wed, Oct 17, 2007 at 09:31:57AM +0200, Matteo Niccoli wrote:

> Manlio Perillo ha scritto:
> > You can also disable the master process.
> Ok I found in the error_log:
> *3486 client sent too long header line:
> So, I think this is a big problem, because if the cookie that client sends
> to server, is too big, the user is lost because can't connect to server
> anymore.

large_client_header_buffers  4 8k;

> Wouldn't it be better if instead of reply with "400 Bad Requests", nginx cut
> the cookie, or pass directly to the application in fastcgi?
> How apache manage this issue?

As I know Apache 1.3 had 8K buffer to read client request line and header

Igor Sysoev

More information about the nginx mailing list